CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-10011 – OpenDNS OpenResolve endpoints.py neutralization for logs
https://notcve.org/view.php?id=CVE-2015-10011
A vulnerability classified as problematic has been found in OpenDNS OpenResolve. This affects an unknown part of the file resolverapi/endpoints.py. The manipulation leads to improper output neutralization for logs. The identifier of the patch is 9eba6ba5abd89d0e36a008921eb307fcef8c5311. It is recommended to apply a patch to fix this issue. • https://github.com/opendns/OpenResolve/commit/9eba6ba5abd89d0e36a008921eb307fcef8c5311 https://vuldb.com/?ctiid.217197 https://vuldb.com/?id.217197 • CWE-116: Improper Encoding or Escaping of Output CWE-117: Improper Output Neutralization for Logs •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-10010 – OpenDNS OpenResolve API endpoints.py get cross site scripting
https://notcve.org/view.php?id=CVE-2015-10010
A vulnerability was found in OpenDNS OpenResolve. It has been rated as problematic. Affected by this issue is the function get of the file resolverapi/endpoints.py of the component API. The manipulation leads to cross site scripting. The attack may be launched remotely. • https://github.com/opendns/OpenResolve/commit/c680170d5583cd9342fe1af43001fe8b2b8004dd https://vuldb.com/?ctiid.217196 https://vuldb.com/?id.217196 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •