Vulnerabilities > Malcom BOX > LXR Cross Referencer > 0.9.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-06-24 | CVE-2010-1448 | Cross-Site Scripting vulnerability in Malcom BOX LXR Cross Referencer Cross-site scripting (XSS) vulnerability in lib/LXR/Common.pm in LXR Cross Referencer before 0.9.8 allows remote attackers to inject arbitrary web script or HTML via vectors related to a string in the search page's TITLE element, a different vulnerability than CVE-2009-4497 and CVE-2010-1625. | 4.3 |
| 2010-01-07 | CVE-2009-4497 | Cross-Site Scripting vulnerability in Malcom BOX LXR Cross Referencer 0.9.5/0.9.6 Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5 and 0.9.6 allows remote attackers to inject arbitrary web script or HTML via the i parameter to the ident program. | 4.3 |