VDB
CVE-2009-1380
CVE-2009-1380
PUBLISHED
Reported by redhat · Published December 15, 2009
Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 allows remote attackers to inject arbitrary web script or HTML via the filter parameter, related to the key property and the position of quote and colon characters.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Timeline
- Dec 15, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 9, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
References
- 37276 vdb-entryx_refsource_BID
- 1023315 vdb-entryx_refsource_SECTRACK
- RHSA-2009:1637 vendor-advisoryx_refsource_REDHAT
- jboss-enterprise-jmxconsole-xss(54698) vdb-entryx_refsource_XF
- 37671 third-party-advisoryx_refsource_SECUNIA
- RHSA-2009:1636 vendor-advisoryx_refsource_REDHAT
- RHSA-2009:1649 vendor-advisoryx_refsource_REDHAT
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- RHSA-2009:1650 vendor-advisoryx_refsource_REDHAT