CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4852

Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.5%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2009-4852

Festic » Semanticscuttle » Version: Any

cpe:2.3:a:festic:semanticscuttle:*
Festic » Semanticscuttle » Version: 0.85

cpe:2.3:a:festic:semanticscuttle:0.85
Festic » Semanticscuttle » Version: 0.86

cpe:2.3:a:festic:semanticscuttle:0.86
Festic » Semanticscuttle » Version: 0.87

cpe:2.3:a:festic:semanticscuttle:0.87
Festic » Semanticscuttle » Version: 0.88

cpe:2.3:a:festic:semanticscuttle:0.88
Festic » Semanticscuttle » Version: 0.89

cpe:2.3:a:festic:semanticscuttle:0.89
Festic » Semanticscuttle » Version: 0.90

cpe:2.3:a:festic:semanticscuttle:0.90
Festic » Semanticscuttle » Version: 0.91

cpe:2.3:a:festic:semanticscuttle:0.91
Festic » Semanticscuttle » Version: 0.92

cpe:2.3:a:festic:semanticscuttle:0.92
Festic » Semanticscuttle » Version: 0.93

cpe:2.3:a:festic:semanticscuttle:0.93

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4852

Products

Pricing

Contact Us