CVE-2010-4792

Опубликовано: 27 апр. 2011

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in title.php in OPEN IT OverLook 5.0 allows remote attackers to inject arbitrary web script or HTML via the frame parameter.

Ссылки

http://anatoliasecurity.com/adv/as-adv-2010-002.txt
http://packetstormsecurity.org/1010-exploits/overlook-xss.txt
Exploit
http://secunia.com/advisories/41771
Vendor Advisory
http://securityreason.com/securityalert/8220
http://www.securityfocus.com/bid/43872
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/62361
http://anatoliasecurity.com/adv/as-adv-2010-002.txt
http://packetstormsecurity.org/1010-exploits/overlook-xss.txt
Exploit
http://secunia.com/advisories/41771
Vendor Advisory
http://securityreason.com/securityalert/8220
http://www.securityfocus.com/bid/43872
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/62361

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openit:overlook:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04088

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-qv24-jf7w-mgpv

github

больше 3 лет назад