{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2009-11-17T18:00:00.000Z"},"references":[{"name":"[oss-security] 20091116 Re: CVE Id request: request-tracker","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2009/11/16/4"},{"name":"[rt-announce] 20090914 RT 3.8.5 Released","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000173.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546778"},{"name":"[rt-announce] 20090914 RT 3.6.9 Released","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000172.html"},{"name":"[oss-security] 20091115 CVE Id request: request-tracker","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2009/11/15/1"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T06:45:50.610Z"},"title":"CVE Program Container","references":[{"name":"[oss-security] 20091116 Re: CVE Id request: request-tracker","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2009/11/16/4"},{"name":"[rt-announce] 20090914 RT 3.8.5 Released","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000173.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=546778"},{"name":"[rt-announce] 20090914 RT 3.6.9 Released","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000172.html"},{"name":"[oss-security] 20091115 CVE Id request: request-tracker","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2009/11/15/1"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2009-3892","state":"PUBLISHED","dateReserved":"2009-11-05T00:00:00.000Z","datePublished":"2009-11-17T18:00:00.000Z","dateUpdated":"2024-08-07T06:45:50.610Z"},"dataType":"CVE_RECORD","dataVersion":"5.1"}