Lucene search

K
cve[email protected]CVE-2010-4275
HistoryDec 22, 2010 - 3:00 a.m.

CVE-2010-4275

2010-12-2203:00:03
CWE-79
web.nvd.nist.gov
20
cve
2010
4275
xss
vulnerabilities
radius manager 3.8.0
remote
injection
web script
html
update_usergroup
store_nas
admin.php

5.4 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

41.9%

Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to admin.php.

Affected configurations

NVD
Node
dmasoftlabradius_managerMatch3.8.0

5.4 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

41.9%