CVE-2009-1454
Andrew Simpson Webcollab < 2.40 - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action.
References (6)
Scores
EPSS
0.0047
EPSS Percentile
64.5%
Classification
CWE
CWE-79
Status
published
Affected Products (5)
andrew_simpson/webcollab
< 2.40
andrew_simpson/webcollab
andrew_simpson/webcollab
andrew_simpson/webcollab
n/a/n/a
Timeline
Published
Apr 28, 2009
Tracked Since
Feb 18, 2026