CVE-2009-1798

APC Network Management Card - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities on the Network Management Card (NMC) on American Power Conversion (APC) Switched Rack PDU (aka Rack Mount Power Distribution) devices and other devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the login_username vector for Forms/login1 is already covered by CVE-2009-4406.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Jamal Pecou · textremotemultiple
https://www.exploit-db.com/exploits/33405

References (4)

Scores

EPSS 0.0415
EPSS Percentile 88.5%

Classification

CWE
CWE-79
Status published

Affected Products (3)

apc/network_management_card
apc/switched_rack_pdu
n/a/n/a

Timeline

Published Dec 28, 2009
Tracked Since Feb 18, 2026