Podatność CVE-2010-3025

Podatność CVE-2010-3025

Publikacja: 2010-08-16 Modyfikacja: 2012-02-13

Opis:

	Tytuł	Autor	Data
Low	Open Blog 1.2.1 XSS vulnerability	htbridge	18.08.2010

Typ:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
4.3/10	2.9/10	8.6/10

Affected software
Tomaz-muraus -> Open blog

http://packetstormsecurity.org/1008-exploits/openblog-xssxsrf.txt

http://www.htbridge.ch/advisory/xss_vulnerability_in_open_blog.html

http://www.htbridge.ch/advisory/xss_vulnerability_in_open_blog_1.html

http://www.securityfocus.com/archive/1/512895/100/0/threaded

http://www.securityfocus.com/archive/1/512901/100/0/threaded

http://www.securityfocus.com/bid/42255

https://exchange.xforce.ibmcloud.com/vulnerabilities/60942