1 results (0.001 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2009-4422
https://notcve.org/view.php?id=CVE-2009-4422
24 Dec 2009 — Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csim_in_html_ex1.php, and other unspecified vectors. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en la función GetURLArguments en jpgraph.php en Aditus Consulting JpGraph v3.0.6 permite a atacantes remotos inyectar código web y HTML de su elección a través de una llave... • http://osvdb.org/61268 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •