Unrated severityNVD Advisory· Published May 7, 2010· Updated Apr 29, 2026

CVE-2009-4852

Description

Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from third party information.

Affected products

Festic/Semanticscuttle10 versions
cpe:2.3:a:festic:semanticscuttle:*:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:festic:semanticscuttle:*:*:*:*:*:*:*:*range: <=0.94
- cpe:2.3:a:festic:semanticscuttle:0.85:*:*:*:*:*:*:*
- cpe:2.3:a:festic:semanticscuttle:0.86:*:*:*:*:*:*:*
- cpe:2.3:a:festic:semanticscuttle:0.87:*:*:*:*:*:*:*
- cpe:2.3:a:festic:semanticscuttle:0.88:*:*:*:*:*:*:*
- cpe:2.3:a:festic:semanticscuttle:0.89:*:*:*:*:*:*:*
- cpe:2.3:a:festic:semanticscuttle:0.90:*:*:*:*:*:*:*
- cpe:2.3:a:festic:semanticscuttle:0.91:*:*:*:*:*:*:*
- cpe:2.3:a:festic:semanticscuttle:0.92:*:*:*:*:*:*:*
- cpe:2.3:a:festic:semanticscuttle:0.93:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/37387nvdVendor Advisory
semanticscuttle.svn.sourceforge.net/viewvc/semanticscuttle/branches/0.94.1/ChangeLognvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000