CVE-2010-4757

Опубликовано: 15 мар. 2011

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in submitnews.php in e107 before 0.7.23 allows remote attackers to inject arbitrary web script or HTML via the submitnews_title parameter, a different vector than CVE-2008-6208. NOTE: some of these details are obtained from third party information. NOTE: this might be the same as CVE-2009-4083.1 or CVE-2011-0457.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:e107:e107:*:*:*:*:*:*:*:*

Версия до 0.7.22 (включая)

cpe:2.3:a:e107:e107:0.6_10:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.6_11:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.6_12:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.6_13:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.6_14:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.6_15:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.6_15a:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.0:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.1:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.2:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.3:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.4:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.5:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.6:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.7:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.8:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.9:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.10:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.11:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.12:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.13:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.14:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.15:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.16:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.17:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.18:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.19:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.20:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.7.21:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.545:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.547:beta:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.548:beta:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.549:beta:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.551:beta:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.552:beta:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.553:beta:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.554:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.554:beta:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.555:beta:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.600:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.601:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.602:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.603:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.604:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.605:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.606:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.607:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.608:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.609:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.610:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.611:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.612:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.613:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.614:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.615:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.615a:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.616:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.617:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.6171:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.6172:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.6173:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.6174:*:*:*:*:*:*:*

cpe:2.3:a:e107:e107:0.6175:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00475

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-245h-cphj-6cq7

github

больше 3 лет назад