XSS in Mozilo Mozilocms
CVE-2009-4209
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in moziloCMS 1.11.1 allow remote attackers to inject arbitrary web script or HTML via the (1) cat and (2) file parameters in an editsite action, different vectors than…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.012 (64.0th percentile) — read the EPSS interpretation.
Affected products
- Mozilo Mozilocms — versions 1.11.1
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)