Multiple cross-site scripting (XSS) vulnerabilities in Ulteo Open Virtual Desktop 1.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) admin/applications.php, (2) admin/appsgroup.php, (3) admin/users.php, (4) admin/usersgroup.php, and (5) admin/tasks.php; (6) show parameter to admin/logs.php; and (7) mode parameter to admin/configuration-partial.php. NOTE: some of these details are obtained from third party information.
References
Link | Resource |
---|---|
http://secunia.com/advisories/34923 | Vendor Advisory |
http://www.insight-tech.org/index.php?p=Ulteo-Open-Virtual-Desktop-v1-0-multiple-XSS | URL Repurposed |
http://www.securityfocus.com/bid/34927 | |
http://www.ulteo.com/home/en/ovdi/openvirtualdesktop/downloadnow?autolang=en | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:23:59
Updated: 2022-10-03T16:23:59
Reserved: 2022-10-03T00:00:00
Link: CVE-2009-1775
JSON object: View
NVD Information
Status : Analyzed
Published: 2009-05-22T20:30:00.717
Modified: 2024-02-14T01:17:43.863
Link: CVE-2009-1775
JSON object: View
Redhat Information
No data.
CWE