CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Didier Ernotte: Security Vulnerabilities

CVE-2009-4101

infoRSS 1.1.4.2 and earlier extension for Firefox performs certain operations with chrome privileges, which allows remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the description tag of an RSS feed.

CVSS Score

9.3

EPSS Score

0.015

Published

2009-11-29

Page 1

Vulnerabilities

Vulnerable Software

Didier Ernotte: Security Vulnerabilities

Products

Pricing

Contact Us