Vulnerability CVE-2009-0496

Vulnerability CVE-2009-0496

Published: 2009-02-09 Modified: 2012-02-13

Description:

	Topic	Author	Date
Med.	Openfire multiple vulnerabilities	CORE	09.01.2009

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Ignite realtime -> Openfire

http://www.coresecurity.com/content/openfire-multiple-vulnerabilities

http://www.igniterealtime.org/issues/browse/JM-1506

http://www.securityfocus.com/archive/1/499880/100/0/threaded

http://www.securityfocus.com/bid/32935

http://www.securityfocus.com/bid/32937

http://www.securityfocus.com/bid/32938

http://www.securityfocus.com/bid/32939

http://www.securityfocus.com/bid/32940

http://www.securityfocus.com/bid/32943

http://www.securityfocus.com/bid/32944

https://bugs.gentoo.org/show_bug.cgi?id=254309

https://exchange.xforce.ibmcloud.com/vulnerabilities/47834

https://exchange.xforce.ibmcloud.com/vulnerabilities/47835

https://exchange.xforce.ibmcloud.com/vulnerabilities/47845