Cross-site Scripting Vulnerability in SmarterTools SmarterTrack
CVE-2009-4994

Currently unrated

Key Information:

Vendor: Smartertools
Status: Smartertrack
Vendor: CVE Published:; 25 August 2010

What is CVE-2009-4994?

The SmarterTools SmarterTrack application is susceptible to a Cross-site Scripting (XSS) vulnerability. This flaw exists in the frmKBSearch.aspx page, allowing remote attackers to inject arbitrary web scripts or HTML through the search parameter. Exploiting this vulnerability could enable attackers to execute malicious scripts in the context of the user's browser, potentially leading to data theft or session hijacking.

References

http://holisticinfosec.org/content/view/123/45/

x_refsource_MISC

http://www.smartertools.com/SmarterTrack/ReleaseNotes.aspx

x_refsource_CONFIRM

http://secunia.com/advisories/36172

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 25, 2010

Smartertools

What is CVE-2009-4994?

References

Timeline