CVE-2009-3021

Cross-site scripting (XSS) vulnerability in Site Calendar 'mycaljp' plugin 2.0.0 through 2.0.6, as used in the Japanese extended package of Geeklog 1.5.0 through 1.5.2 and when distributed 20090629 or earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:yoshinori_tahara:mycaljp:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:yoshinori_tahara:mycaljp:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:yoshinori_tahara:mycaljp:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:yoshinori_tahara:mycaljp:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:yoshinori_tahara:mycaljp:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:yoshinori_tahara:mycaljp:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:yoshinori_tahara:mycaljp:2.0.6:*:*:*:*:*:*:*
OR cpe:2.3:a:geeklog:geeklog:1.5.0:*:ja:*:*:*:*:*
cpe:2.3:a:geeklog:geeklog:1.5.1:*:ja:*:*:*:*:*
cpe:2.3:a:geeklog:geeklog:1.5.2:*:ja:*:*:*:*:*

History

No history.

Information

Published : 2009-08-31 20:30

Updated : 2024-02-04 17:33


NVD link : CVE-2009-3021

Mitre link : CVE-2009-3021

CVE.ORG link : CVE-2009-3021


JSON object : View

Products Affected

geeklog

  • geeklog

yoshinori_tahara

  • mycaljp
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')