CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 3CVE-2010-2852
https://notcve.org/view.php?id=CVE-2010-2852
Cross-site scripting (XSS) vulnerability in modules/headlines/magpierss/scripts/magpie_debug.php in RunCms 2.1, when the Headlines module is enabled, allows remote attackers to inject arbitrary web script or HTML via the url parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en modules/headlines/magpierss/scripts/magpie_debug.php en RunCms 2.1, cuando el módulo Headlines está habilitado, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro "url". • http://cross-site-scripting.blogspot.com/2010/07/runcms-21-magpie-rss-module-reflected.html http://osvdb.org/66244 http://secunia.com/advisories/40521 http://www.securityfocus.com/bid/41551 https://exchange.xforce.ibmcloud.com/vulnerabilities/60224 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •