Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-2477

Опубликовано: 06 нояб. 2010
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to (1) paste.urlparser.StaticURLParser, (2) paste.urlparser.PkgResourcesParser, (3) paste.urlmap.URLMap, and (4) HTTPNotFound.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:pythonpaste:paste:*:*:*:*:*:*:*:*
Версия до 1.7.3.1 (включая)
cpe:2.3:a:pythonpaste:paste:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:0.3:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:0.5:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.1:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.2:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.3:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.4:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.5:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.6:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.7:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:pythonpaste:paste:1.7.3:*:*:*:*:*:*:*

EPSS

Процентиль: 66%
0.0052
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2010-2477

ubuntu
около 15 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to (1) paste.urlparser.StaticURLParser, (2) paste.urlparser.PkgResourcesParser, (3) paste.urlmap.URLMap, and (4) HTTPNotFound.

redhat логотип

CVE-2010-2477

redhat
больше 15 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to (1) paste.urlparser.StaticURLParser, (2) paste.urlparser.PkgResourcesParser, (3) paste.urlmap.URLMap, and (4) HTTPNotFound.

debian логотип

CVE-2010-2477

debian
около 15 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpe ...

github логотип

GHSA-7gfc-2v6g-6w9f

CVSS3: 6.1
github
больше 3 лет назад

Paste is vulnerable to Cross-site Scripting via vectors involving a 404 status code

EPSS

Процентиль: 66%
0.0052
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79