Unrated severityNVD Advisory· Published Dec 30, 2009· Updated Jun 16, 2026
CVE-2009-4478
CVE-2009-4478
Description
Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:xstate:real_estate:1.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:xstate:real_estate:1.0:*:*:*:*:*:*:*
- (no CPE)range: = 1.0
Patches
Vulnerability mechanics
References
5- osvdb.org/57671nvdExploit
- osvdb.org/57672nvdExploit
- secunia.com/advisories/36529nvdVendor Advisory
- www.exploit-db.com/exploits/9565nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/52970nvd
News mentions
0No linked articles in our index yet.