Lucene search

[email protected]CVE-2010-4504

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-4504

2022-10-0316:21:06

CWE-79

[email protected]

web.nvd.nist.gov

cve

2010

4504

cross-site scripting

xss

esyndicat directory

web script

html

suggest-category.php

suggest-listing.php

remote attackers

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat Directory 2.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter to (1) suggest-category.php and (2) suggest-listing.php.

Affected configurations

NVD

Node

intelliantsesyndicatMatch2.3

CPENameOperatorVersion
intelliants:esyndicatintelliants esyndicateq2.3

CPE	Name	Operator	Version
intelliants:esyndicat	intelliants esyndicat	eq	2.3

References

osvdb.org/69638

osvdb.org/69639

packetstormsecurity.org/files/view/96181/esyndicat23-xss.txt

secunia.com/advisories/42484

www.securityfocus.com/bid/45093

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.6%

JSON

Related for CVE-2010-4504

cvelist1 nvd1 prion1