CVE-2009-1175 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-1175 Interim 1 3 2021-06-09T08:49:08Z current 2021-05-30T12:46:31Z 2021-06-09T08:49:08Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-1175 Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in the DAAP extension in Banshee 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the server parameter, which is not properly handled in an error message. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in the DAAP extension in Banshee 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the server parameter, which is not properly handled in an error message. CVE-2009-1175 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N