CVE-2010-4277 – Embedded Video <= 4.1 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2010-4277

Cross-site scripting (XSS) vulnerability in lembedded-video.php in the Embedded Video plugin 4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the content parameter to wp-admin/post.php. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en lembedded-video.php en el plugin Embedded Video v4.1 para WordPress permite a atacantes remotos inyecatar código web o HTML de su elección a través del parámetro content en wp-admin/post.php. Cross-site scripting (XSS) vulnerability in embedded-video.php in the Embedded Video plugin 4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the content parameter to wp-admin/post.php. Embedded Video WordPress Plugin suffers from a cross site scripting vulnerability. • http://www.securityfocus.com/archive/1/515345/100/0/threaded http://www.securityfocus.com/bid/45486 https://exchange.xforce.ibmcloud.com/vulnerabilities/64214 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •