Lucene search
Ubuntu.comUB:CVE-2009-3300HistoryNov 06, 2009 - 12:00 a.m.
CVE-2009-3300
2009-11-0600:00:00
ubuntu.com
ubuntu.com
6
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
65.3%
Multiple cross-site scripting (XSS) vulnerabilities in the Identity
Provider (IdP) 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service
Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware
Initiative Shibboleth allow remote attackers to inject arbitrary web script
or HTML via URLs that are encountered in redirections, and appear in
automatically generated forms.
Related
openvas
openvas
Shibboleth Service Provider Multiple XSS Vulnerabilities - Windows
2009-11-13 00:00:00
Debian: Security Advisory (DSA-1947-1)
2009-12-14 00:00:00
debiancve
debiancve
CVE-2009-3300
2009-11-06 15:30:00
nvd
nvd
CVE-2009-3300
2009-11-06 15:30:00
cvelist
cvelist
CVE-2009-3300
2009-11-06 15:00:00
cve
cve
CVE-2009-3300
2009-11-06 15:30:00
prion
prion
Cross site scripting
2009-11-06 15:30:00
debian
debian
[Backports-security-announce] Security Update for Shibboleth packages
2009-12-08 03:08:05
[SECURITY] [DSA 1947-1] New Shibboleth packages fix cross-site scripting
2009-12-07 22:59:02
nessus
nessus
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
65.3%
Related for UB:CVE-2009-3300