Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) rssfeedURL parameter to manual/caferss/example.php and the sumb parameter to (2) modules/news/archive.php, (3) modules/news/topics.php, and (4) modules/contact/index.php, different vectors than CVE-2007-1965.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2010-11-03T19:00:00
Updated: 2024-08-07T03:34:37.471Z
Reserved: 2010-11-03T00:00:00
Link: CVE-2010-4155
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-11-03T20:00:04.420
Modified: 2024-11-21T01:20:19.660
Link: CVE-2010-4155
Redhat
No data.