CVE-2009-5113

Iwork Webglimpse < 2.18.7 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the DOC parameter.

References (2)

[Exploit] http://websecurity.com.ua/2628/

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/74184

Scores

EPSS 0.0022

EPSS Percentile 45.0%

Classification

CWE

CWE-79

Status published

Affected Products (49)

iwork/webglimpse < 2.18.7

iwork/webglimpse

... and 34 more

Timeline

Published Mar 19, 2012

Tracked Since Feb 18, 2026