CVE-2009-10002 LOW

CVE-2009-10002: dpup fittr-flickr EXIF Preview easy-exif.js cross site scripting

Vendor Dpup
Product fittr-flickr
Weakness CWE-79 · XSS
Published January 13, 2023
Last update November 25, 2024

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability, which was classified as problematic, has been found in dpup fittr-flickr. This issue affects some unknown processing of the file fittr-flickr/features/easy-exif.js of the component EXIF Preview Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier of the patch is 08875dd8a2e5d0d16568bb0d67cb4328062fccde. It is recommended to apply a patch to fix this issue. The identifier VDB-218297 was assigned to this vulnerability.

Key dates

02Disclosure timeline

January 13, 2023 CVE published
November 25, 2024 Record updated

Related vulnerabilities

04Related CVE