Your submission was sent successfully! Close

CVE-2009-4422

Published: 24 December 2009

Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csim_in_html_ex1.php, and other unspecified vectors.

Priority

Low

Status

Package Release Status
libphp-jpgraph
Launchpad, Ubuntu, Debian
dapper Ignored
(reached end-of-life)
hardy Ignored
(reached end-of-life)
intrepid Needed
(reached end-of-life)
jaunty Ignored
(reached end-of-life)
karmic Ignored
(reached end-of-life)
lucid Not vulnerable
(1.5.2-12)
maverick Ignored
(reached end-of-life)
natty Ignored
(reached end-of-life)
oneiric Ignored
(reached end-of-life)
precise Not vulnerable
(1.5.2-12)
quantal Not vulnerable
(1.5.2-12)
raring Not vulnerable
(1.5.2-12.1)
saucy Not vulnerable
(1.5.2-12.1)
upstream Needed