5 matches found
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-2155. Reason: This candidate is a duplicate of CVE-2010-2155. Notes: All CVE users should reference CVE-2010-2155 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
[SECURITY] [DSA 2056-1] New zonecheck packages fix cross-site scripting
------------------------------------------------------------------------ Debian Security Advisory DSA-2056-1 [email protected] http://www.debian.org/security/ Sébastien Delafond June 06, 2010 http://www.debian.org/security/faq -...
CVE-2010-2155
Multiple cross-site scripting XSS vulnerabilities in zc/publisher/html.rb in ZoneCheck 2.1.0 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 xmlnode.value, 2 zc-error text, 3 $zcversion, 4 domainname in a zc-title row, different vulnerabilities than...
CVE-2010-2155
Multiple cross-site scripting XSS vulnerabilities in zc/publisher/html.rb in ZoneCheck 2.1.0 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 xmlnode.value, 2 zc-error text, 3 $zcversion, 4 domainname in a zc-title row, different vulnerabilities than...
CVE-2010-2155
CVE-2010-2155 covers cross-site scripting in ZoneCheck 2.1.0 (zn: zc/publisher/html.rb), enabling remote script/HTML injection via (xmlnode.value, zc-error text, $zc_version, domainname in a zc-title row). Connected advisories confirm this issue and note the impact as XSS. Remediation: Debian fix...