CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2010-2717
https://notcve.org/view.php?id=CVE-2010-2717
Cross-site scripting (XSS) vulnerability in manager/login.php in CruxSoftware CruxCMS 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the txtusername parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) manager/login.php de CruxSoftware CruxCMS v3.0, y posiblemente versiones anteriores, permite a atacantes remotos inyectar código web o HTML de su elección a través del parámetro "txtusername". • http://www.htbridge.ch/advisory/xss_vulnerability_in_cruxcms_1.html http://www.securityfocus.com/archive/1/512245/100/0/threaded http://www.vupen.com/english/advisories/2010/1708 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •