Approved changes feed: RSS · Atom
cpe:2.3:a:agavi:agavi:1.0.0:beta5:*:*:*:*:*:*
part: a version: 1.0.0 update: beta5
| Vendor | Agavi (eaf70344-0c0f-50d7-be5c-b37197bdc2d8) |
|---|---|
| Product | Agavi (542539a1-ce41-5b38-8598-d9d70368a7d7) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/agavi/agavi |
purl2cpe | 2026-06-01 10:17:29.309083 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2009-0417 |
vulnerable | 2026-06-08 04:51:09.393345 |
Details available
Cross-site scripting (XSS) vulnerability in the AgaviWebRouting::gen(null) method in Agavi 0.11 before 0.11.6 and 1.0 before 1.0.0 beta 8 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with certain characters that are not properly handled by web browsers that do not strictly follow RFC 3986, such as Internet Explorer 6 and 7.
Published: 2009-02-06T00:00:00.000Z
Updated: 2024-08-07T04:31:26.177Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.