Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
References 7 Total
- https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127
- securityfocus.com: 20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS mailing-list
- secunia.com: 37025 third-party-advisory
- exchange.xforce.ibmcloud.com: eclipse-report-xss(53773) vdb-entry
- http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss
- securityfocus.com: 36674 vdb-entry
- osvdb.org: 58941 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 7 Total
- https://bugs.eclipse.org/bugs/show_bug.cgi?id=259127 x_transferred
- securityfocus.com: 20091013 [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS mailing-listx_transferred
- secunia.com: 37025 third-party-advisoryx_transferred
- exchange.xforce.ibmcloud.com: eclipse-report-xss(53773) vdb-entryx_transferred
- http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss x_transferred
- securityfocus.com: 36674 vdb-entryx_transferred
- osvdb.org: 58941 vdb-entryx_transferred