Unrated severityNVD Advisory· Published Jan 6, 2010· Updated Apr 23, 2026

CVE-2009-4573

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (mod_joomulus) module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action to (1) tagcloud_ell.swf, (2) tagcloud_eng.swf, (3) tagcloud_por.swf, (4) tagcloud_rus.swf, and possibly (5) tagcloud_jpn.swf. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected products

Joomlabear/Mod Joomulus
cpe:2.3:a:joomlabear:mod_joomulus:2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/37994nvdVendor Advisory
www.osvdb.org/61343nvd
www.osvdb.org/61344nvd
www.osvdb.org/61345nvd
www.osvdb.org/61346nvd
exchange.xforce.ibmcloud.com/vulnerabilities/55156nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000