Search

Find a vulnerability

Search criteria

    1 vulnerability found for mycaljp by Geeklog

    JVNDB-2009-000055

    Vulnerability from jvndb - Published: 2009-08-26 15:25 - Updated:2009-08-26 15:25
    Severity
    N/A (UNKNOWN) - -
    Summary
    Site Calendar 'mycaljp' vulnerable to cross-site scripting
    Details
    Site Calendar 'mycaljp' contains a cross-site scripting vulnerability. Site Calendar 'mycaljp' is a calendar plugin for Geeklog, which is an open source content management system. Site Calendar 'mycaljp' contains a cross-site scripting vulnerability. The affected plugin is also contained in the following packages: * Japanese extended package of Geeklog versions 1.5.0 through 1.5.2 Only packages released on or before June 29, 2009 are affected. For more information, refer to the developers' website. Masako Oono reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000055.html",
      "dc:date": "2009-08-26T15:25+09:00",
      "dcterms:issued": "2009-08-26T15:25+09:00",
      "dcterms:modified": "2009-08-26T15:25+09:00",
      "description": "Site Calendar \u0027mycaljp\u0027 contains a cross-site scripting vulnerability.\r\n\r\nSite Calendar \u0027mycaljp\u0027 is a calendar plugin for Geeklog, which is an open source content management system. Site Calendar \u0027mycaljp\u0027 contains a cross-site scripting vulnerability.\r\n\r\nThe affected plugin is also contained in the following packages:\r\n\r\n* Japanese extended package of Geeklog versions 1.5.0 through 1.5.2\r\nOnly packages released on or before June 29, 2009 are affected.\r\n\r\nFor more information, refer to the developers\u0027 website.\r\n\r\nMasako Oono reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000055.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:geeklog:geeklog",
          "@product": "Geeklog",
          "@vendor": "Geeklog",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:geeklog:mycaljp_plugin",
          "@product": "mycaljp",
          "@vendor": "Geeklog",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "4.3",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2009-000055",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN20478978/index.html",
          "@id": "JVN#20478978",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3021",
          "@id": "CVE-2009-3021",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3021",
          "@id": "CVE-2009-3021",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/36413",
          "@id": "SA36413",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://secunia.com/advisories/36404",
          "@id": "SA36404",
          "@source": "SECUNIA"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        }
      ],
      "title": "Site Calendar \u0027mycaljp\u0027 vulnerable to cross-site scripting"
    }