CVE-2009-0736

Опубликовано: 25 фев. 2009

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Ссылки

http://secunia.com/advisories/33888
Vendor Advisory
http://sourceforge.net/forum/forum.php?forum_id=917656
Patch
Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=660130
Patch
Vendor Advisory
http://www.securityfocus.com/bid/33733
http://secunia.com/advisories/33888
Vendor Advisory
http://sourceforge.net/forum/forum.php?forum_id=917656
Patch
Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=660130
Patch
Vendor Advisory
http://www.securityfocus.com/bid/33733

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:simon_brown:pebble:*:*:*:*:*:*:*:*

Версия до 2.3.1 (включая)

cpe:2.3:a:simon_brown:pebble:1.0:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.1:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.2:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.3:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.4:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.4:beta1:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.4:beta2:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.4:beta3:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.4.1_01:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.4.2:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.4.2_01:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.5:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.5:beta1:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.5:beta2:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.5:beta3:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.6:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.6:beta1:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.6:beta2:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.6:beta3:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.7:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.7:beta1:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.7.1:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.7.2:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.8:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:1.9:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:2.0:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:2.0.0:m1:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:2.0.0:m2:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:2.0.0:m3:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:2.0.0:rc1:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:2.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:2.1:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:2.1:rc1:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:2.2:*:*:*:*:*:*:*

cpe:2.3:a:simon_brown:pebble:2.3:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00309

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-hv22-96xg-53m5

github

почти 4 года назад