Vulnerability CVE-2009-4250

Vulnerability CVE-2009-4250

Published: 2009-12-09 Modified: 2012-02-13

Description:

	Topic	Author	Date
Med.	Cute News and UTF-8 Cute News - Multiple Security Issues	Andrew Horton	03.12.2009

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Korn19 -> Utf-8 cutenews
Cutephp -> Cutenews

http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt

http://www.securityfocus.com/archive/1/507782/100/0/threaded

http://www.securityfocus.com/bid/36971

https://exchange.xforce.ibmcloud.com/vulnerabilities/54221

https://exchange.xforce.ibmcloud.com/vulnerabilities/54222

https://exchange.xforce.ibmcloud.com/vulnerabilities/54223

https://exchange.xforce.ibmcloud.com/vulnerabilities/54224

https://exchange.xforce.ibmcloud.com/vulnerabilities/54237