2 matches found
Symphony CMS Cross-Site Scripting (CVE-2010-3457)
A cross site scripting vulnerability exists in Symphony CMS. Successful exploitation of this vulnerability could allow attackers to execute arbitrary code on the affected system...
CVE-2010-3457
CVE-2010-3457 affects Symphony CMS versions 2.0.7 and 2.1.1, with concrete XSS flaws exploitable via the fields[website] parameter in post comments and the send-email[recipient] parameter to the about/ page. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML. No exp...