Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (mod_joomulus) module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action to (1) tagcloud_ell.swf, (2) tagcloud_eng.swf, (3) tagcloud_por.swf, (4) tagcloud_rus.swf, and possibly (5) tagcloud_jpn.swf. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Joomlabear | Mod Joomulus | 2.0 |
| Joomla | Joomla | All versions |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/37994Vendor Advisory
- http://www.osvdb.org/61343
- http://www.osvdb.org/61344
- http://www.osvdb.org/61345
- http://www.osvdb.org/61346
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55156
- http://secunia.com/advisories/37994Vendor Advisory
- http://www.osvdb.org/61343
- http://www.osvdb.org/61344
- http://www.osvdb.org/61345
- http://www.osvdb.org/61346
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55156
FAQ
What is CVE-2009-4573?
CVE-2009-4573 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (mod_joomulus) module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a ...
How severe is CVE-2009-4573?
CVE-2009-4573 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-4573?
Check the references section above for vendor advisories and patch information. Affected products include: Joomlabear Mod Joomulus, Joomla Joomla.