Vulnerability Details CVE-2010-2697
Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related to edit_blog/index.php. NOTE: some of these details are obtained from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.5%
CVSS Severity
CVSS v2 Score 3.5
References
- http://osvdb.org/66154
- http://secunia.com/advisories/40492
- http://www.exploit-db.com/exploits/14260
- http://www.vupen.com/english/advisories/2010/1766
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60176
- http://osvdb.org/66154
- http://secunia.com/advisories/40492
- http://www.exploit-db.com/exploits/14260
- http://www.vupen.com/english/advisories/2010/1766
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60176
Products affected by CVE-2010-2697
-
cpe:2.3:a:sijio:community_software:*