CVE-2009-4890
Retrieve Vbook - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities in the login application in vBook 4.2.17 allow remote attackers to inject arbitrary web script or HTML via the (1) title and (2) message parameters.
Scores
EPSS
0.0025
EPSS Percentile
48.5%
Classification
CWE
CWE-79
Status
published
Affected Products (2)
retrieve/vbook
n/a/n/a
Timeline
Published
Jun 11, 2010
Tracked Since
Feb 18, 2026