exploitDog

CVE-2010-3010

Опубликовано: 15 сент. 2010

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:hp:3com_officeconnect_gigabit_vpn_firewall_software:*:*:*:*:*:*:*:*

Версия до 1.0.12 (включая)

cpe:2.3:o:hp:3com_officeconnect_gigabit_vpn_firewall_software:1.0.8:*:*:*:*:*:*:*

cpe:2.3:h:hp:3crevf100-73:*:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00472

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-xjh2-m6q3-w94m

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue.

EPSS

Процентиль: 64%

0.00472

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79