Unrated severityNVD Advisory· Published Dec 17, 2009· Updated Jun 16, 2026
CVE-2009-4347
CVE-2009-4347
Description
Cross-site scripting (XSS) vulnerability in daloradius-users/login.php in daloRADIUS 0.9-8 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter.
Affected products
14cpe:2.3:a:liran_tal:daloradius:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:liran_tal:daloradius:*:*:*:*:*:*:*:*range: <=0.9-8
- cpe:2.3:a:liran_tal:daloradius:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:liran_tal:daloradius:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:liran_tal:daloradius:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:liran_tal:daloradius:0.9-1:*:*:*:*:*:*:*
- cpe:2.3:a:liran_tal:daloradius:0.9-2:*:*:*:*:*:*:*
- cpe:2.3:a:liran_tal:daloradius:0.9-3:*:*:*:*:*:*:*
- cpe:2.3:a:liran_tal:daloradius:0.9-4:*:*:*:*:*:*:*
- cpe:2.3:a:liran_tal:daloradius:0.9-5:*:*:*:*:*:*:*
- cpe:2.3:a:liran_tal:daloradius:0.9-6:*:*:*:*:*:*:*
- cpe:2.3:a:liran_tal:daloradius:0.9-7:*:*:*:*:*:*:*
- cpe:2.3:a:liran_tal:daloradius:0.9-7:rc1:*:*:*:*:*:*
- cpe:2.3:a:liran_tal:daloradius:0.9-7:rc2:*:*:*:*:*:*
- Range: <=0.9-8
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.