Cross-Site Scripting Vulnerability in ATRC ACollab by ATRC
CVE-2009-4941

Currently unrated

Key Information:

Vendor: Atutor
Status: Acollab
Vendor: CVE Published:; 22 July 2010

What is CVE-2009-4941?

An XSS vulnerability exists in the sign_in.php file of ATRC ACollab version 1.2, which allows remote attackers to inject arbitrary web scripts or HTML via the 'f' parameter. This vulnerability can lead to unauthorized actions being performed on behalf of users or the execution of malicious scripts in the context of the affected application.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/50833

vdb-entryx_refsource_XF

http://www.osvdb.org/54798

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/35173

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2010
Vulnerability Reserved
Jul 21, 2010

CVE-2009-4941 Data

JSON

Atutor

What is CVE-2009-4941?

References

Timeline