CVE-2009-4157: XSS
First published: Wed Dec 02 2009(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader (com_proofreader) component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in (1) 404 or (2) error pages.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Joomla Joomla\! | ||
| Joomlatune Com Proofreader | <=1.0 | |
| Joomlatune Com Proofreader | =1.0-rc6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/event
- agent/type
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/joomla
- canonical/joomla joomla\!
- vendor/joomlatune
- canonical/joomlatune com proofreader
- version/joomlatune com proofreader/1.0
- version/joomlatune com proofreader/1.0-rc6