CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 3CVE-2009-10001 – jianlinwei cool-php-captcha example-form.php cross site scripting
https://notcve.org/view.php?id=CVE-2009-10001
A vulnerability classified as problematic was found in jianlinwei cool-php-captcha up to 0.2. This vulnerability affects unknown code of the file example-form.php. The manipulation of the argument captcha with the input %3Cscript%3Ealert(1)%3C/script%3E leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jianlinwei/cool-php-captcha/commit/c84fb6b153bebaf228feee0cbf50728d27ae3f80 https://github.com/jianlinwei/cool-php-captcha/issues/2 https://github.com/jianlinwei/cool-php-captcha/releases/tag/0.3 https://vuldb.com/?ctiid.218296 https://vuldb.com/?id.218296 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •