CVE-2010-4985

Sažetak

Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to inject arbitrary web script or HTML via vectors involving the "Enter Reference Number Below" text box.

Reference

http://packetstormsecurity.org/1007-exploits/mykazaamnms-sqlxss.txt
http://securityreason.com/securityalert/8494
http://www.exploit-db.com/exploits/14325
http://www.securityfocus.com/bid/41542
https://exchange.xforce.ibmcloud.com/vulnerabilities/60253

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

29-08-2017 - 01:29

Objavljeno

01-11-2011 - 22:55