2 matches found
CVE-2015-10010
CVE-2015-10010 affects OpenDNS OpenResolve API: the get function in resolverapi/endpoints.py enables cross-site scripting. Exploitation is remote; attack complexity is high and exploitation is reportedly difficult. The patch c680170d5583cd9342fe1af43001fe8b2b8004dd fixes this issue; applying the ...
CVE-2015-10011
CVE-2015-10011 affects OpenDNS OpenResolve, specifically the resolverapi/endpoints.py component. The root cause is improper output neutralization for logs, enabling high-severity impact per CVSSv3.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base score 9.8). A patch is identified (9eba6ba5abd...