Description

Cross-site scripting (XSS) vulnerability in the administrative interface in Dotclear before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2009-0933

Related Vulnerabilities

CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-34832)

WordPress Plugin Academy LMS-eLearning and online course solution for WordPress Privilege Escalation (1.9.19)

Squid Improper Input Validation Vulnerability (CVE-2016-4555)

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-26876)

WordPress Plugin Peugeot Music Arbitrary File Upload (1.0)

Severity

Medium

Classification

CVE-2009-0933 CWE-707

Tags

Missing Update Known Vulnerabilities