Lucene search
MitreCVE-2009-1175HistoryMar 31, 2009 - 2:09 p.m.
CVE-2009-1175
2009-03-3114:09:53
CWE-79
mitre
web.nvd.nist.gov
22
cve-2009-1175
cross-site scripting
xss
banshee 1.4.2
daap extension
vulnerability
web script
html
remote attackers
vs_diag.cgi
error message
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
48.5%
Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in the DAAP extension in Banshee 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the server parameter, which is not properly handled in an error message.
Affected configurations
Node
banshee-projectbansheeMatch1.4.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| banshee-project | banshee | 1.4.2 | cpe:2.3:a:banshee-project:banshee:1.4.2:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2009-1175
2009-03-31 14:09:53
debiancve
debiancve
CVE-2009-1175
2009-03-31 14:09:00
redhatcve
redhatcve
CVE-2009-1175
2019-10-04 21:33:12
prion
prion
Cross site scripting
2009-03-31 14:09:00
cvelist
cvelist
CVE-2009-1175
2009-03-31 10:00:00
ubuntucve
ubuntucve
CVE-2009-1175
2009-03-31 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
48.5%
Related for CVE-2009-1175