Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-4422HistoryDec 24, 2009 - 5:30 p.m.
CVE-2009-4422
2009-12-2417:30:00
Debian Security Bug Tracker
security-tracker.debian.org
14
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.5%
Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csim_in_html_ex1.php, and other unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | libphp-jpgraph | < 1.5.2-13.1 | libphp-jpgraph_1.5.2-13.1_all.deb |
Related
cve
cve
CVE-2009-4422
2009-12-24 17:30:00
openvas
openvas
Mandriva Security Advisory MDVSA-2009:340 (jpgraph)
2009-12-30 00:00:00
JpGraph Multiple Cross-Site Scripting Vulnerabilities
2010-01-13 00:00:00
JpGraph <= 3.0.6 Multiple XSS Vulnerabilities
2010-01-13 00:00:00
cvelist
cvelist
CVE-2009-4422
2009-12-24 17:00:00
ubuntucve
ubuntucve
CVE-2009-4422
2009-12-24 00:00:00
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2009-12-29 00:00:00
[ MDVSA-2009:340 ] jpgraph
2009-12-29 00:00:00
nvd
nvd
CVE-2009-4422
2009-12-24 17:30:00
prion
prion
Cross site scripting
2009-12-24 17:30:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.5%
Related for DEBIANCVE:CVE-2009-4422