CVE-2009-0933

Published: Mar 17, 2009Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the administrative interface in Dotclear before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected (24)

Products: Dotclear: Dotclear

Dotclear

1 product

Dotclear

Configuration A

24 vulnerable

Vulnerable Software	Affected Versions
Dotclear Dotclear	Up to 2.1.4
Dotclear Dotclear	Version 1.2.1
Dotclear Dotclear	Version 1.2.2
Dotclear Dotclear	Version 1.2.3
Dotclear Dotclear	Version 1.2.4
Dotclear Dotclear	Version 1.2.5
Dotclear Dotclear	Version 1.2.6
Dotclear Dotclear	Version 1.2.7
Dotclear Dotclear	Version 1.2.8
Dotclear Dotclear	Version 2.0.1
Dotclear Dotclear	Version 2.0.2
Dotclear Dotclear	Version 2.0
Dotclear Dotclear	Version 2.0 beta_2
Dotclear Dotclear	Version 2.0 beta_3
Dotclear Dotclear	Version 2.0 beta_4
Dotclear Dotclear	Version 2.0 beta_5.2
Dotclear Dotclear	Version 2.0 beta_5.4
Dotclear Dotclear	Version 2.0 beta_6
Dotclear Dotclear	Version 2.0 beta_7
Dotclear Dotclear	Version 2.0 rc1
Dotclear Dotclear	Version 2.0 rc2
Dotclear Dotclear	Version 2.1.1
Dotclear Dotclear	Version 2.1.3
Dotclear Dotclear	Version 2.1