CVE-2009-3440 Information

Description

Cross-site scripting (XSS) vulnerability in Open Source Security Information Management (OSSIM) before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the option parameter to the default URI (aka the main menu).

Reference

http://dsecrg.com/pages/vul/show.php?id=155 http://secunia.com/advisories/36867 http://www.securityfocus.com/archive/1/506663/100/0/threaded http://www.securityfocus.com/bid/36504