CVE-2009-2342

2009-07-0719:00:00

mitre

www.cve.org

xss

admin.php

cmme

remote attackers

web script

html

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

57.9%

JSON

Cross-site scripting (XSS) vulnerability in admin.php (aka the login page) in Content Management Made Easy (CMME) before 1.22 allows remote attackers to inject arbitrary web script or HTML via the username field.

References

secunia.com/advisories/35610

sourceforge.net/project/shownotes.php?release_id=694724

sourceforge.net/tracker/?func=detail&aid=2500186&group_id=215535&atid=1034058