CVE-2010-5303

2014-08-21T23:55:00
ID CVE-2010-5303
Type cve
Reporter cve@mitre.org
Modified 2014-08-22T14:18:00

Description

Cross-site scripting (XSS) vulnerability in the displayError function in timthumb.php in TimThumb before 1.15 (r85), as used in multiple products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to $errorString.