Lucene search
RedhatCVELIST:CVE-2009-0038HistoryApr 17, 2009 - 2:00 p.m.
CVE-2009-0038
2009-04-1714:00:00
redhat
www.cve.org
4
Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring; or (5) the PATH_INFO to the default URI under console/portal/.
References
dsecrg.com/pages/vul/show.php?id=119
geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214
issues.apache.org/jira/browse/GERONIMO-4597
secunia.com/advisories/34715
www.securityfocus.com/archive/1/502734/100/0/threaded
www.securityfocus.com/bid/34562
www.vupen.com/english/advisories/2009/1089
Related
osv
osv
github
github
veracode
veracode
Cross-Site Scripting (XSS)
2019-07-08 11:22:27
prion
prion
Cross site scripting
2009-04-17 14:30:00
packetstorm
packetstorm
Apache Geronimo Cross Site Scripting
2009-04-16 00:00:00
cve
cve
CVE-2009-0038
2009-04-17 14:30:00
nvd
nvd
CVE-2009-0038
2009-04-17 14:30:00
nessus
nessus
openvas
openvas
SLES10: Security update for Websphere Community Edition
2009-10-13 00:00:00
SLES11: Security update for Websphere Community Edition
2009-10-11 00:00:00
SLES11: Security update for Websphere Community Edition
2009-10-11 00:00:00