CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4497

Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5 and 0.9.6 allows remote attackers to inject arbitrary web script or HTML via the i parameter to the ident program.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.5%

CVSS Severity

CVSS v2 Score 4.3

References

http://secunia.com/advisories/38117
http://sourceforge.net/mailarchive/message.php?msg_name=E1NS2s4-0001PE-F2%403bkjzd1.ch3.sourceforge.com
http://secunia.com/advisories/38117
http://sourceforge.net/mailarchive/message.php?msg_name=E1NS2s4-0001PE-F2%403bkjzd1.ch3.sourceforge.com

Products affected by CVE-2009-4497

Malcom Box » Lxr Cross Referencer » Version: 0.9.5

cpe:2.3:a:malcom_box:lxr_cross_referencer:0.9.5
Malcom Box » Lxr Cross Referencer » Version: 0.9.6

cpe:2.3:a:malcom_box:lxr_cross_referencer:0.9.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4497

Products

Pricing

Contact Us