Lucene search

[email protected]CVE-2010-4792

HistoryApr 27, 2011 - 12:55 a.m.

CVE-2010-4792

2011-04-2700:55:03

CWE-79

[email protected]

web.nvd.nist.gov

cve-2010-4792

cross-site scripting

xss

vulnerability

title.php

open it overlook 5.0

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.3%

JSON

Cross-site scripting (XSS) vulnerability in title.php in OPEN IT OverLook 5.0 allows remote attackers to inject arbitrary web script or HTML via the frame parameter.

Affected configurations

NVD

Node

openitoverlookMatch5.0

CPENameOperatorVersion
openit:overlookopenit overlookeq5.0

CPE	Name	Operator	Version
openit:overlook	openit overlook	eq	5.0

References

anatoliasecurity.com/adv/as-adv-2010-002.txt

packetstormsecurity.org/1010-exploits/overlook-xss.txt

secunia.com/advisories/41771

securityreason.com/securityalert/8220

www.securityfocus.com/bid/43872

exchange.xforce.ibmcloud.com/vulnerabilities/62361

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.3%

JSON

Related for CVE-2010-4792

cvelist1 openvas2 prion1 nvd1