MidnightBSD

Advisories for festic

CVE-2009-4852 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
festic semanticscuttle 0.91
festic semanticscuttle 0.89
festic semanticscuttle 0.93
festic semanticscuttle 0.87
festic semanticscuttle 0.92
festic semanticscuttle 0.90
festic semanticscuttle 0.85
festic semanticscuttle *
festic semanticscuttle 0.86
festic semanticscuttle 0.88