Unrated severityNVD Advisory· Published Sep 13, 2011· Updated Jun 16, 2026
CVE-2009-5099
CVE-2009-5099
Description
Cross-site scripting (XSS) vulnerability in ViewAction in Pentaho BI Server 1.7.0.1062 and earlier allows remote attackers to inject arbitrary web script or HTML via the outputType parameter.
Affected products
4Patches
Vulnerability mechanics
References
5- antisnatchor.com/2009/06/20/pentaho-1701062-multiple-vulnerabilities/nvdExploit
- jira.pentaho.com/browse/BISERVER-2698nvdExploit
- secunia.com/advisories/37024nvdVendor Advisory
- www.vupen.com/english/advisories/2009/2972nvdVendor Advisory
- www.securityfocus.com/archive/1/507168/100/0/threadednvd
News mentions
0No linked articles in our index yet.