Lucene search
HistoryDec 24, 2009 - 5:30 p.m.
CVE-2009-4422
cve-2009-4422
cross-site scripting
xss
aditus consulting
jpgraph 3.0.6
security vulnerability
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.5%
Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csim_in_html_ex1.php, and other unspecified vectors.
Affected configurations
Node
aditusjpgraphMatch3.0.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| aditus:jpgraph | aditus jpgraph | eq | 3.0.6 |
Related
openvas
openvas
JpGraph Multiple Cross-Site Scripting Vulnerabilities
2010-01-13 00:00:00
JpGraph <= 3.0.6 Multiple XSS Vulnerabilities
2010-01-13 00:00:00
Mandriva Security Advisory MDVSA-2009:340 (jpgraph)
2009-12-30 00:00:00
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2009-12-29 00:00:00
[ MDVSA-2009:340 ] jpgraph
2009-12-29 00:00:00
nvd
nvd
CVE-2009-4422
2009-12-24 17:30:00
debiancve
debiancve
CVE-2009-4422
2009-12-24 17:30:00
cvelist
cvelist
CVE-2009-4422
2009-12-24 17:00:00
ubuntucve
ubuntucve
CVE-2009-4422
2009-12-24 00:00:00
prion
prion
Cross site scripting
2009-12-24 17:30:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.5%
Related for CVE-2009-4422