Cross-Site Scripting Vulnerability in Windows Search for Microsoft Windows
CVE-2009-0239

Currently unrated

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
10 June 2009

What is CVE-2009-0239?

A vulnerability exists in Windows Search 4.0 on specific versions of Microsoft Windows, which allows user-assisted remote attackers to inject malicious web scripts or HTML through specially crafted files. These files may appear in the preview pane of search results, leading to potential script execution. This security issue could be exploited to manipulate user sessions and gain unauthorized information.

References

EPSS Score

38% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.