CVE-2009-0971

medium

Description

Cross-site scripting (XSS) vulnerability in futomi's CGI Cafe Access Analyzer CGI Standard Version 3.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/49264

http://www.vupen.com/english/advisories/2009/0737

http://www.securityfocus.com/bid/34123

http://www.futomi.com/library/info/2009/20090316.html

http://secunia.com/advisories/34271

http://osvdb.org/52802

http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000015.html

http://jvn.jp/en/jp/JVN23558374/index.html

Details

Source: Mitre, NVD

Published: 2009-03-19

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N