CVE-2010-4264
N/A
N/A
Summary
It was found in vanilla forums before 2.0.10 a cross-site scripting vulnerability where a filename could contain arbitrary code to execute on the client side.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | vanilla forums | vanilla forums before 2.0.10 | affected |
Weaknesses
- CWE-79: CWE-79
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/vanilla/vanilla/commit/4535a059e4e24ca11a2ef0b4d754f262398bcece
- https://seclists.org/oss-sec/2010/q4/282
References
- https://github.com/vanilla/vanilla/commit/4535a059e4e24ca11a2ef0b4d754f262398bcece
- https://seclists.org/oss-sec/2010/q4/282
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.