CVE-2009-2907

Published: Mar 24, 2010Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite (AMS) before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic HQ 4.0 Enterprise before 4.0.3.2, and Hyperic HQ 4.1 Enterprise before 4.1.2.1 allow remote attackers to inject arbitrary web script or HTML via the description field and unspecified "input fields."

Affected (5)

Products: Springsource: Application Management Suite, Hyperic Hq, Tc Server

Springsource

3 products

Application Management Suite

Hyperic Hq

Tc Server

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Springsource Application Management Suite	Up to 2.0.0
Springsource Hyperic Hq	Up to 4.0.0
Springsource Hyperic Hq	Up to 4.1.0
Springsource Hyperic Hq	Up to 4.2
Springsource Tc Server	Up to 6.0.20