Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-2324

Опубликовано: 05 июл. 2009
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples (aka _samples) directory.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:fckeditor:fckeditor:*:*:*:*:*:*:*:*
Версия до 2.6.4 (включая)
cpe:2.3:a:fckeditor:fckeditor:2.0:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.0_fc:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.0_rc2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.0rc2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.0rc3:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.3:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.3:beta:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.4:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.5:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.5:beta:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6.3:beta:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6.4:beta:*:*:*:*:*:*

EPSS

Процентиль: 48%
0.00254
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2009-2324

ubuntu
больше 16 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples (aka _samples) directory.

debian логотип

CVE-2009-2324

debian
больше 16 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor befor ...

github логотип

GHSA-c3mf-mvv5-325h

github
почти 4 года назад

Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples (aka _samples) directory.

EPSS

Процентиль: 48%
0.00254
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79