Lucene search
MitreCVE-2009-1614HistoryMay 11, 2009 - 8:30 p.m.
CVE-2009-1614
2009-05-1120:30:00
CWE-79
mitre
web.nvd.nist.gov
26
cve-2009-1614
xss
vulnerabilities
leap cms
remote attackers
web script
html
nvd
security
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
48.5%
Multiple cross-site scripting (XSS) vulnerabilities in Leap CMS 0.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the msg parameter (aka the message in an article comment) or (2) the searchterm parameter (aka the search post form). NOTE: some of these details are obtained from third party information.
Affected configurations
Node
gowondesignsleapMatch0.1.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gowondesigns | leap | 0.1.4 | cpe:2.3:a:gowondesigns:leap:0.1.4:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2009-1614
2009-05-11 20:00:00
prion
prion
Cross site scripting
2009-05-11 20:30:00
nvd
nvd
CVE-2009-1614
2009-05-11 20:30:00
exploitdb
exploitdb
openvas
openvas
Leap CMS Multiple remote vulnerabilities
2009-04-30 00:00:00
Leap CMS Multiple Vulnerabilities
2009-04-30 00:00:00
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
48.5%
Related for CVE-2009-1614