VYPR
Moderate severityNVD Advisory· Published Aug 25, 2009· Updated Jun 16, 2026

CVE-2009-2959

CVE-2009-2959

Description

Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
buildbotPyPI
>= 0.7.6, < 0.7.11p30.7.11p3

Affected products

10
  • Buildbot/Buildbot9 versions
    cpe:2.3:a:buildbot:buildbot:0.7.10:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:buildbot:buildbot:0.7.10:*:*:*:*:*:*:*
    • cpe:2.3:a:buildbot:buildbot:0.7.10p1:*:*:*:*:*:*:*
    • cpe:2.3:a:buildbot:buildbot:0.7.11:*:*:*:*:*:*:*
    • cpe:2.3:a:buildbot:buildbot:0.7.11p1:*:*:*:*:*:*:*
    • cpe:2.3:a:buildbot:buildbot:0.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:buildbot:buildbot:0.7.7:*:*:*:*:*:*:*
    • cpe:2.3:a:buildbot:buildbot:0.7.8:*:*:*:*:*:*:*
    • cpe:2.3:a:buildbot:buildbot:0.7.9:*:*:*:*:*:*:*
    • (no CPE)range: >=0.7.6, <=0.7.11p1
  • ghsa-coords
    Range: >= 0.7.6, < 0.7.11p3

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.