Approved changes feed: RSS · Atom

cpe:2.3:a:agavi:agavi:1.0.0:beta3:*:*:*:*:*:*

part: a version: 1.0.0 update: beta3

VendorAgavi (eaf70344-0c0f-50d7-be5c-b37197bdc2d8)
ProductAgavi (542539a1-ce41-5b38-8598-d9d70368a7d7)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/agavi/agavi purl2cpe 2026-06-01 10:17:29.306306

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2009-0417 vulnerable 2026-06-08 04:51:09.392068 Details available
Cross-site scripting (XSS) vulnerability in the AgaviWebRouting::gen(null) method in Agavi 0.11 before 0.11.6 and 1.0 before 1.0.0 beta 8 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with certain characters that are not properly handled by web browsers that do not strictly follow RFC 3986, such as Internet Explorer 6 and 7.
Published: 2009-02-06T00:00:00.000Z
Updated: 2024-08-07T04:31:26.177Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.