Vulnerabilities > Lightneasy > Lightneasy > 2.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-06-05 | CVE-2009-1937 | Cross-Site Scripting vulnerability in Lightneasy 2.2.1/2.2.2 Cross-site scripting (XSS) vulnerability in the comment posting feature in LightNEasy 2.2.1 "no database" (aka flat) and 2.2.2 SQLite allows remote attackers to inject arbitrary web script or HTML via the (1) commentname (aka Author), (2) commentemail (aka Email), and (3) commentmessage (aka Comment) parameters. | 4.3 |