What is the severity of CVE-2009-4804?

CVE-2009-4804 is considered a moderate severity vulnerability due to its cross-site scripting (XSS) nature.

How do I fix CVE-2009-4804?

To fix CVE-2009-4804, upgrade the Calendar Base extension to version 1.1.1 or later.

Which versions of the Calendar Base extension are affected by CVE-2009-4804?

CVE-2009-4804 affects all versions of the Calendar Base extension before 1.1.1.

Can CVE-2009-4804 affect all web browsers?

CVE-2009-4804 specifically affects users of Internet Explorer 6.

Vulnerability/
CVE-2009-4804

medium

4.3

CWE

23/4/2010

16/9/2024

CVE-2009-4804: XSS

Q: What type of attack does CVE-2009-4804 enable?

CVE-2009-4804 allows remote attackers to inject arbitrary web script or HTML into the application.

First published: Fri Apr 23 2010(Updated: )

Cross-site scripting (XSS) vulnerability in the Calendar Base (cal) extension before 1.1.1 for TYPO3, when Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via "search parameters."

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
mario matzulla Calendar Base	<=1.1.0
mario matzulla Calendar Base	=0.9.0
mario matzulla Calendar Base	=0.10.0
mario matzulla Calendar Base	=0.11.0
mario matzulla Calendar Base	=0.12.0
mario matzulla Calendar Base	=0.12.1
mario matzulla Calendar Base	=0.13.0
mario matzulla Calendar Base	=0.13.1
mario matzulla Calendar Base	=0.14.0
mario matzulla Calendar Base	=0.14.1
mario matzulla Calendar Base	=0.15.0
mario matzulla Calendar Base	=0.15.1
mario matzulla Calendar Base	=0.15.2
mario matzulla Calendar Base	=0.15.3
mario matzulla Calendar Base	=0.15.4
mario matzulla Calendar Base	=0.15.5
mario matzulla Calendar Base	=0.16.0
mario matzulla Calendar Base	=0.16.1
mario matzulla Calendar Base	=0.16.2
mario matzulla Calendar Base	=0.16.3
mario matzulla Calendar Base	=0.16.4
mario matzulla Calendar Base	=0.16.5
mario matzulla Calendar Base	=0.16.6
mario matzulla Calendar Base	=0.17.0
mario matzulla Calendar Base	=0.17.1
mario matzulla Calendar Base	=0.17.2
mario matzulla Calendar Base	=0.17.3
mario matzulla Calendar Base	=1.0.0
Internet Explorer
TYPO3

Remedy

http://www.securityfocus.com/bid/33996

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-4804?
CVE-2009-4804 is considered a moderate severity vulnerability due to its cross-site scripting (XSS) nature.
How do I fix CVE-2009-4804?
To fix CVE-2009-4804, upgrade the Calendar Base extension to version 1.1.1 or later.
Which versions of the Calendar Base extension are affected by CVE-2009-4804?
CVE-2009-4804 affects all versions of the Calendar Base extension before 1.1.1.
Can CVE-2009-4804 affect all web browsers?
CVE-2009-4804 specifically affects users of Internet Explorer 6.
What type of attack does CVE-2009-4804 enable?
CVE-2009-4804 allows remote attackers to inject arbitrary web script or HTML into the application.

collector/nvd-historical
agent/references
agent/type
agent/severity
agent/remedy
agent/author
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/mario matzulla
canonical/mario matzulla calendar base
version/mario matzulla calendar base/1.1.0
version/mario matzulla calendar base/0.9.0
version/mario matzulla calendar base/0.10.0
version/mario matzulla calendar base/0.11.0
version/mario matzulla calendar base/0.12.0
version/mario matzulla calendar base/0.12.1
version/mario matzulla calendar base/0.13.0
version/mario matzulla calendar base/0.13.1
version/mario matzulla calendar base/0.14.0
version/mario matzulla calendar base/0.14.1
version/mario matzulla calendar base/0.15.0
version/mario matzulla calendar base/0.15.1
version/mario matzulla calendar base/0.15.2
version/mario matzulla calendar base/0.15.3
version/mario matzulla calendar base/0.15.4
version/mario matzulla calendar base/0.15.5
version/mario matzulla calendar base/0.16.0
version/mario matzulla calendar base/0.16.1
version/mario matzulla calendar base/0.16.2
version/mario matzulla calendar base/0.16.3
version/mario matzulla calendar base/0.16.4
version/mario matzulla calendar base/0.16.5
version/mario matzulla calendar base/0.16.6
version/mario matzulla calendar base/0.17.0
version/mario matzulla calendar base/0.17.1
version/mario matzulla calendar base/0.17.2
version/mario matzulla calendar base/0.17.3
version/mario matzulla calendar base/1.0.0
vendor/microsoft
canonical/internet explorer
vendor/typo3
canonical/typo3 typo3

CVE-2009-4804: XSS

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-4804?

How do I fix CVE-2009-4804?

Which versions of the Calendar Base extension are affected by CVE-2009-4804?

Can CVE-2009-4804 affect all web browsers?

What type of attack does CVE-2009-4804 enable?

Company

Resources

Contact