Loading
Cross-site scripting (XSS) vulnerability in login/default.aspx in Sitecore CMS before 6.0.2 Update-1 090507 allows remote attackers to inject arbitrary web script or HTML via the sc_error parameter.
Use CWE-79, Sitecore vendor hub and Cms product page to widen CVE-2009-2163 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2019-9874, CVE-2019-9875 and CVE-2019-11198 for nearby disclosures in the same product family.