Vulnerability Details CVE-2009-4573
Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (mod_joomulus) module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action to (1) tagcloud_ell.swf, (2) tagcloud_eng.swf, (3) tagcloud_por.swf, (4) tagcloud_rus.swf, and possibly (5) tagcloud_jpn.swf. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/37994
- http://www.osvdb.org/61343
- http://www.osvdb.org/61344
- http://www.osvdb.org/61345
- http://www.osvdb.org/61346
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55156
- http://secunia.com/advisories/37994
- http://www.osvdb.org/61343
- http://www.osvdb.org/61344
- http://www.osvdb.org/61345
- http://www.osvdb.org/61346
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55156
Products affected by CVE-2009-4573
-
cpe:2.3:a:joomla:joomla:*
-
cpe:2.3:a:joomlabear:mod_joomulus:2.0