Multiple cross-site scripting (XSS) vulnerabilities in Ulteo Open Virtual Desktop 1.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) admin/applications.php, (2) admin/appsgroup.php, (3) admin/users.php, (4) admin/usersgroup.php, and (5) admin/tasks.php; (6) show parameter to admin/logs.php; and (7) mode parameter to admin/configuration-partial.php. NOTE: some of these details are obtained from third party information.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-05-22T20:00:00Z
Updated: 2024-09-16T19:46:01.600Z
Reserved: 2009-05-22T00:00:00Z
Link: CVE-2009-1775
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2009-05-22T20:30:00.717
Modified: 2024-02-14T01:17:43.863
Link: CVE-2009-1775
Redhat
No data.