Lucene search
Ubuntu.comUB:CVE-2010-2480HistoryJul 02, 2010 - 12:00 a.m.
CVE-2010-2480
2010-07-0200:00:00
ubuntu.com
ubuntu.com
4
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.9%
Mako before 0.3.4 relies on the cgi.escape function in the Python standard
library for cross-site scripting (XSS) protection, which makes it easier
for remote attackers to conduct XSS attacks via vectors involving
single-quote characters and a JavaScript onLoad event handler for a BODY
element.
Bugs
Related
openvas
openvas
Mako 'cgi.escape()' Cross-Site Scripting Vulnerability
2010-07-16 00:00:00
Ubuntu Update for mako vulnerability USN-996-1
2010-10-01 00:00:00
Ubuntu: Security Advisory (USN-996-1)
2010-10-01 00:00:00
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2010-09-30 00:00:00
[USN-996-1] Mako vulnerability
2010-09-30 00:00:00
nessus
nessus
Ubuntu 10.04 LTS : mako vulnerability (USN-996-1)
2010-10-06 00:00:00
openSUSE Security Update : python-mako (openSUSE-SU-2010:0383-1)
2014-06-13 00:00:00
openSUSE Security Update : python-mako (openSUSE-SU-2010:0383-1)
2010-07-19 00:00:00
osv
osv
PYSEC-2010-1
2010-07-02 19:00:00
Mako contains Cross-site Scripting vulnerability
2022-05-17 05:48:31
ubuntu
ubuntu
Mako vulnerability
2010-09-29 00:00:00
cve
cve
CVE-2010-2480
2010-07-02 19:00:00
debiancve
debiancve
CVE-2010-2480
2010-07-02 19:00:00
altlinux
altlinux
prion
prion
Cross site scripting
2010-07-02 19:00:00
cvelist
cvelist
CVE-2010-2480
2010-07-02 18:30:00
github
github
Mako contains Cross-site Scripting vulnerability
2022-05-17 05:48:31
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.9%
Related for UB:CVE-2010-2480