CVE-2009-1408
N/A
N/A
Summary
Cross-site scripting (XSS) vulnerability in webSPELL 4.2.0c allows remote attackers to inject arbitrary web script or HTML allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated using (1) email, (2) img, and (3) url tags.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://osvdb.org/53782
- https://www.exploit-db.com/exploits/8453
- http://secunia.com/advisories/34764
- http://www.webspell.org/index.php?site=news_comments&newsID=126&lang=uk
- http://www.securityfocus.com/bid/34595
- http://www.securityfocus.com/archive/1/502732/100/0/threaded
- http://www.webspell.org/index.php?site=files&file=25
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49937
References
- http://osvdb.org/53782
- https://www.exploit-db.com/exploits/8453
- http://secunia.com/advisories/34764
- http://www.webspell.org/index.php?site=news_comments&newsID=126&lang=uk
- http://www.securityfocus.com/bid/34595
- http://www.securityfocus.com/archive/1/502732/100/0/threaded
- http://www.webspell.org/index.php?site=files&file=25
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49937
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.