CVE-2009-0038

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring; or (5) the PATH_INFO to the default URI under console/portal/.

🔗 References (14)

secalert@redhathttp://dsecrg.com/pages/vul/show.php?id=119
secalert@redhathttp://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214
secalert@redhathttp://issues.apache.org/jira/browse/GERONIMO-4597
secalert@redhathttp://secunia.com/advisories/34715
secalert@redhathttp://www.securityfocus.com/archive/1/502734/100/0/threaded
secalert@redhathttp://www.securityfocus.com/bid/34562
secalert@redhathttp://www.vupen.com/english/advisories/2009/1089
af854a3a-2127-422b-91ae-364da2661108http://dsecrg.com/pages/vul/show.php?id=119
af854a3a-2127-422b-91ae-364da2661108http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214
af854a3a-2127-422b-91ae-364da2661108http://issues.apache.org/jira/browse/GERONIMO-4597
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34715
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/502734/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34562
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1089

Is Your Infrastructure Affected by CVE-2009-0038?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-0038

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-0038?