Lucene search

K

RedhatCVELIST:CVE-2010-4647

HistoryJan 13, 2011 - 6:35 p.m.

CVE-2010-4647

2011-01-1318:35:00

redhat

www.cve.org

1

5.5 Medium

AI Score

Confidence

High

0.521 Medium

EPSS

Percentile

97.6%

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp.

References

lists.fedoraproject.org/pipermail/package-announce/2010-December/052532.html

lists.fedoraproject.org/pipermail/package-announce/2010-December/052554.html

openwall.com/lists/oss-security/2011/01/06/16

openwall.com/lists/oss-security/2011/01/06/7

www.mandriva.com/security/advisories?name=MDVSA-2011:032

www.redhat.com/support/errata/RHSA-2011-0568.html

yehg.net/lab/pr0js/advisories/eclipse/%5Beclipse_help_server%5D_cross_site_scripting

bugs.eclipse.org/bugs/show_bug.cgi?id=329582

exchange.xforce.ibmcloud.com/vulnerabilities/64833

5.5 Medium

AI Score

Confidence

High

0.521 Medium

EPSS

Percentile

97.6%

Related for CVELIST:CVE-2010-4647

oraclelinux1 nessus7 openvas6 ubuntucve2 veracode1 cve2 redhat1 prion2 nvd2 debiancve2 cvelist1 ibm1