JVNDB-2009-000001

[Japanese]
JVNDB-2009-000001
MyNETS cross-site scripting vulnerability
Overview
MyNETS, an open source SNS software, contains a cross-site scripting vulnerability. MyNETS from Usagi Project is an open source SNS (Social Networking Service) software. MyNETS contains a cross-site scripting vulnerability.
CVSS Severity (What is CVSS?)
Base Metrics: 3.5 (Low) [IPA Score] Access Vector: Network Access Complexity: Medium Authentication: Single Instance Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
Affected Products
Usagi Project MyNETS Ver1.2.0.1 and earlier
Impact
If a user views a specially crafted web page, an arbitrary script may be executed on the user's web browser.
Solution
[Update the Software] Update to the latest version according to the information provided by the developers.
Vendor Information
Usagi Project PRESS archives : 20090107 (Japanese)
References
JVN : JVN#36802959 National Vulnerability Database (NVD) : CVE-2009-0245 Common Vulnerabilities and Exposures (CVE) : CVE-2009-0245 Secunia Advisory : SA33409 SecurityFocus : 33145 Common Weakness Enumeration (CWE) : Cross-site scripting (CWE-79) [IPA Evaluation] JVN iPedia (Japanese) : JVNDB-2009-000001
Revision History
[2009/01/08] Web page published

Date Public	2009/01/07
Date First Published	2009/01/08
Date Last Updated	2009/01/08

MyNETS cross-site scripting vulnerability