NVD

Id
11224  
Name
CVE-2011-4909  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php, (2) components/com_user/controller.php, (3) plugins/system/legacy/html.php, or (4) templates/beez/html/com_content/article/form.php.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2012-10-07  
Modified Date
2012-10-08  
Seq
2011-4909  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
62112 11224 CVE-2011-4909 20120702 [ISecAuditors Security Advisories] Joomla! < 1.5.12 Multiple XSS vulnerabilities in HTTP Headers  View
62113 11224 CVE-2011-4909 http://developer.joomla.org/security/news/298-20090604-core-frontend-xss-httpreferer-not-properly-filtered.html  View
62114 11224 CVE-2011-4909 [oss-security] 20111225 CVE-request for three 2009 Joomla issues (second part)  View
62115 11224 CVE-2011-4909 [oss-security] 20111225 Re: CVE-request for three 2009 Joomla issues (second part)  View
62116 11224 CVE-2011-4909 35544  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
44283 JVNDB-2009-005290 Joomla! におけるクロスサイトスクリプティングの脆弱性 Joomla! には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2011-4909 52816 CVE-2011-4909 11224 4.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005290.html 2009-06-30 2012-10-10 View