CVE-2009-4406
APC Switched Rack PDU AP7932 B2 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Forms/login1 in American Power Conversion (APC) Switched Rack PDU AP7932 B2, running rpdu 3.3.3 or 3.7.0 on AOS 3.3.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the login_username parameter.
References (5)
Scores
EPSS
0.0038
EPSS Percentile
59.0%
Classification
CWE
CWE-79
Status
published
Affected Products (4)
apc/ap7932_b2_firmware
apc/ap7932_b2_firmware
apc/ap7932_b2
n/a/n/a
Timeline
Published
Dec 23, 2009
Tracked Since
Feb 18, 2026