Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2010-4710
HistoryJan 28, 2011 - 9:00 p.m.

CVE-2010-4710

2011-01-2821:00:28
CWE-79
mitre
web.nvd.nist.gov
47
cve-2010-4710
cross-site scripting
xss vulnerability
yui
menu widget
security
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.2

Confidence

High

EPSS

0.002

Percentile

64.5%

JSON

Cross-site scripting (XSS) vulnerability in the addItem method in the Menu widget in YUI before 2.9.0 allows remote attackers to inject arbitrary web script or HTML via a field that is added to a menu, related to documentation that specifies this field as a text field rather than an HTML field, a similar issue to CVE-2010-4569 and CVE-2010-4570.

Affected configurations

Nvd
Node
yahooyuiRange2.8.2
OR
yahooyuiMatch2.2.0
OR
yahooyuiMatch2.2.2
OR
yahooyuiMatch2.3.0
OR
yahooyuiMatch2.3.1
OR
yahooyuiMatch2.4.0
OR
yahooyuiMatch2.4.1
OR
yahooyuiMatch2.5.0
OR
yahooyuiMatch2.5.1
OR
yahooyuiMatch2.5.2
OR
yahooyuiMatch2.6.0
OR
yahooyuiMatch2.7.0
OR
yahooyuiMatch2.8.0
OR
yahooyuiMatch2.8.1
OR
yahooyuiMatch2.8.1pr1
VendorProductVersionCPE
yahooyui*cpe:2.3:a:yahoo:yui:*:*:*:*:*:*:*:*
yahooyui2.2.0cpe:2.3:a:yahoo:yui:2.2.0:*:*:*:*:*:*:*
yahooyui2.2.2cpe:2.3:a:yahoo:yui:2.2.2:*:*:*:*:*:*:*
yahooyui2.3.0cpe:2.3:a:yahoo:yui:2.3.0:*:*:*:*:*:*:*
yahooyui2.3.1cpe:2.3:a:yahoo:yui:2.3.1:*:*:*:*:*:*:*
yahooyui2.4.0cpe:2.3:a:yahoo:yui:2.4.0:*:*:*:*:*:*:*
yahooyui2.4.1cpe:2.3:a:yahoo:yui:2.4.1:*:*:*:*:*:*:*
yahooyui2.5.0cpe:2.3:a:yahoo:yui:2.5.0:*:*:*:*:*:*:*
yahooyui2.5.1cpe:2.3:a:yahoo:yui:2.5.1:*:*:*:*:*:*:*
yahooyui2.5.2cpe:2.3:a:yahoo:yui:2.5.2:*:*:*:*:*:*:*
Rows per page:
1-10 of 151

Related

prion 3
cvelist 3
ubuntucve 3
nvd 3
cve 2
openvas 4
ibm 2
gentoo 1
nessus 1
prion
prion
Cross site scripting
2011-01-28 21:00:00
Cross site scripting
2011-01-28 16:00:00
Cross site scripting
2011-01-28 16:00:00
cvelist
cvelist
CVE-2010-4710
2011-01-28 20:29:00
CVE-2010-4570
2011-01-28 15:00:00
CVE-2010-4569
2011-01-28 15:00:00
ubuntucve
ubuntucve
CVE-2010-4710
2011-01-28 00:00:00
CVE-2010-4570
2011-01-28 00:00:00
CVE-2010-4569
2011-01-28 00:00:00
nvd
nvd
CVE-2010-4710
2011-01-28 21:00:28
CVE-2010-4570
2011-01-28 16:00:02
CVE-2010-4569
2011-01-28 16:00:02
cve
cve
CVE-2010-4570
2011-01-28 16:00:02
CVE-2010-4569
2011-01-28 16:00:02
openvas
openvas
Bugzilla Multiple Vulnerabilities
2011-01-26 00:00:00
Bugzilla Multiple Vulnerabilities
2011-01-26 00:00:00
Gentoo Security Advisory GLSA 201110-03 (bugzilla)
2012-02-12 00:00:00
ibm
ibm
Security Bulletin: Security vulnerabilities have been identified in BigFix Platform shipped with IBM License Metric Tool.
2020-07-24 08:16:46
Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities
2020-10-07 22:53:38
gentoo
gentoo
Bugzilla: Multiple vulnerabilities
2011-10-10 00:00:00
nessus
nessus
GLSA-201110-03 : Bugzilla: Multiple vulnerabilities
2011-10-11 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.2

Confidence

High

EPSS

0.002

Percentile

64.5%

JSON
Related for CVE-2010-4710
prion3cvelist3ubuntucve3nvd3cve2openvas4ibm2gentoo1nessus1