Cross-site scripting (XSS) vulnerability in the hook_cntrlr_error_output function in modules/page/hooks/listeners.php in the admincp component in TangoCMS 2.2.x (aka Eagle) before 2.2.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
References
Link | Resource |
---|---|
http://secunia.com/advisories/33967 | Vendor Advisory |
http://tangocms.org/article/view/2.2.4-released | Patch Vendor Advisory |
http://tangocms.org/changelog | Patch Vendor Advisory |
http://www.securityfocus.com/bid/33833 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-03-10T14:00:00
Updated: 2009-03-19T09:00:00
Reserved: 2009-03-10T00:00:00
Link: CVE-2009-0862
JSON object: View
NVD Information
Status : Modified
Published: 2009-03-10T14:30:00.250
Modified: 2009-03-21T05:55:06.110
Link: CVE-2009-0862
JSON object: View
Redhat Information
No data.
CWE