CVE-2009-0247

53KF Web IM - XSS

Title source: llm

Description

The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side protection mechanisms against cross-site scripting (XSS), which allows remote attackers to conduct XSS attacks by using a modified client to send a crafted IM message, related to the msg variable.

References (3)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/48096

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/500169/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/33341

Scores

EPSS 0.0025

EPSS Percentile 48.5%

Classification

CWE

CWE-79

Status published

Affected Products (4)

53kf/web_im_2009

n/a/n/a

Timeline

Published Jan 22, 2009

Tracked Since Feb 18, 2026