CVE-2009-4852

Name of the Vulnerable Software and Affected Versions SemanticScuttle versions prior to 0.94.1

Description The issue involves multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the sort parameter to "index.php", and potentially other unspecified vectors.

Recommendations For versions prior to 0.94.1, update to version 0.94.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the "index.php" page or avoiding the use of the sort parameter until the update is applied.