Vulnerabilities > Modernmethod > Sajax > 0.12
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-11 | CVE-2009-0525 | Cross-Site Scripting vulnerability in Modernmethod Sajax 0.12 Cross-site scripting (XSS) vulnerability in the sajax_get_common_js function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which is not properly handled when using browsers that do not URL-encode requests, such as Internet Explorer 6. | 4.3 |