Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-4647

Опубликовано: 16 нояб. 2010
Источник: redhat
CVSS2: 2.6

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Certificate System 7.2eclipseWill not fix
Red Hat Certificate System 7.3eclipseWill not fix
Red Hat Developer Suite v.3eclipseWill not fix
Red Hat Enterprise Linux 5eclipseWill not fix
Red Hat Enterprise Linux 6eclipseFixedRHSA-2011:056819.05.2011
Red Hat Enterprise Linux 6eclipse-birtFixedRHSA-2011:056819.05.2011
Red Hat Enterprise Linux 6eclipse-callgraphFixedRHSA-2011:056819.05.2011
Red Hat Enterprise Linux 6eclipse-cdtFixedRHSA-2011:056819.05.2011
Red Hat Enterprise Linux 6eclipse-changelogFixedRHSA-2011:056819.05.2011
Red Hat Enterprise Linux 6eclipse-dtpFixedRHSA-2011:056819.05.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=661901eclipse: Help Content web application vulnerable to multiple XSS

2.6 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-4647

ubuntu
почти 15 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp.

nvd логотип

CVE-2010-4647

nvd
почти 15 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp.

debian логотип

CVE-2010-4647

debian
почти 15 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Help Conten ...

github логотип

GHSA-2q22-9jhj-hx5g

github
больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp.

oracle-oval логотип

ELSA-2011-0568

oracle-oval
больше 14 лет назад

ELSA-2011-0568: eclipse security, bug fix, and enhancement update (LOW)

2.6 Low

CVSS2