CVE-2010-4504

2010-12-0819:00:00

mitre

www.cve.org

cross-site scripting

esyndicat directory

remote attackers

AI Score

5.8

Confidence

High

EPSS

0.004

Percentile

72.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat Directory 2.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter to (1) suggest-category.php and (2) suggest-listing.php.

References

osvdb.org/69638

osvdb.org/69639

packetstormsecurity.org/files/view/96181/esyndicat23-xss.txt

secunia.com/advisories/42484

www.securityfocus.com/bid/45093