CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2009-2739

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.1000%
EPSS Percentile43.50th
Published2009年8月11日
Last Modified2026年4月23日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in FreeNAS before 0.69.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Affected Platforms (CPE)

📦
Freenas

Freenas

<= 0.69.1
📦
Freenas

Freenas

= 0.69
📦
Freenas

Freenas

= 0.686.3
📦
Freenas

Freenas

= 0.686.4

References & Advisories

🔗 http://jvn.jp/en/jp/JVN89791790/index.html
🔗 http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000052.html
🔗 http://www.freenas.org/index.php?option=com_frontpage&Itemid=22
🔗 http://www.securityfocus.com/bid/36146
🔗 http://jvn.jp/en/jp/JVN89791790/index.html
🔗 http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000052.html
🔗 http://www.freenas.org/index.php?option=com_frontpage&Itemid=22
🔗 http://www.securityfocus.com/bid/36146

相關漏洞威脅

CVE-2014-53349.8

FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui log...

CVE-2020-116507.5

An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of serv...

CVE-2009-27384.3

Cross-site request forgery (CSRF) vulnerability in the WebGUI in FreeNAS before 0.7RC1 allows remote attackers to hijack the authe...

CVE-2010-20059

FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in its web interface. The exec_raw.php...