CVE-2009-1938

Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to database output and the frontend administrative panel.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
VendorProductVersion
joomlajoomla
1.5
joomlajoomla
1.5:rc1
joomlajoomla
1.5:rc2
joomlajoomla
1.5:rc3
joomlajoomla
1.5.0:beta
joomlajoomla
1.5.0:beta1
joomlajoomla
1.5.0:beta2
joomlajoomla
1.5.0:rc1
joomlajoomla
1.5.1
joomlajoomla
1.5.2
joomlajoomla
1.5.3
joomlajoomla
1.5.4
joomlajoomla
1.5.5
joomlajoomla
1.5.6
joomlajoomla
1.5.7
joomlajoomla
1.5.8
joomlajoomla
1.5.9
joomlajoomla
1.5.10
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://developer.joomla.org/security/news/297-20090602-core-frontend-xss.html
http://secunia.com/advisories/35278
http://www.joomla.org/announcements/release-news/5235-joomla-1511-security-release-now-available.html
http://www.osvdb.org/54868
http://www.securityfocus.com/bid/35189
http://www.vupen.com/english/advisories/2009/1497
https://exchange.xforce.ibmcloud.com/vulnerabilities/50923
http://developer.joomla.org/security/news/297-20090602-core-frontend-xss.html
http://secunia.com/advisories/35278
http://www.joomla.org/announcements/release-news/5235-joomla-1511-security-release-now-available.html
http://www.osvdb.org/54868
http://www.securityfocus.com/bid/35189
http://www.vupen.com/english/advisories/2009/1497
https://exchange.xforce.ibmcloud.com/vulnerabilities/50923