Vulnerability Description
Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to database output and the frontend administrative panel.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Joomla | Joomla | 1.5 |
Related Weaknesses (CWE)
References
- http://developer.joomla.org/security/news/297-20090602-core-frontend-xss.htmlVendor Advisory
- http://secunia.com/advisories/35278Vendor Advisory
- http://www.joomla.org/announcements/release-news/5235-joomla-1511-security-relea
- http://www.osvdb.org/54868
- http://www.securityfocus.com/bid/35189ExploitPatch
- http://www.vupen.com/english/advisories/2009/1497
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50923
- http://developer.joomla.org/security/news/297-20090602-core-frontend-xss.htmlVendor Advisory
- http://secunia.com/advisories/35278Vendor Advisory
- http://www.joomla.org/announcements/release-news/5235-joomla-1511-security-relea
- http://www.osvdb.org/54868
- http://www.securityfocus.com/bid/35189ExploitPatch
- http://www.vupen.com/english/advisories/2009/1497
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50923
FAQ
What is CVE-2009-1938?
CVE-2009-1938 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to database output and the front...
How severe is CVE-2009-1938?
CVE-2009-1938 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1938?
Check the references section above for vendor advisories and patch information. Affected products include: Joomla Joomla.