CVE-2009-3189

2022-10-0316:23:55

mitre

www.cve.org

cross-site scripting

digioz guestbook

remote attackers

web script injection

html injection

search parameter

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.6%

JSON

Cross-site scripting (XSS) vulnerability in search.php in DigiOz Guestbook 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter.

References

packetstormsecurity.org/0908-exploits/digiozgb-xss.txt

secunia.com/advisories/36489

www.vupen.com/english/advisories/2009/2443