CVE-2010-2464 – Joomla! Component RSComments 1.0.0 - Persistent Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2010-2464

Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados ( XSS) en el componente RSComments (com_rscomments) v1.0.0 Rev 2 para Joomla! permite a atacantes remotos inyectar código web o HTML de su elección a través de los parámetros (1) website y (2) name en index.php. • https://www.exploit-db.com/exploits/13935 http://packetstormsecurity.org/1006-exploits/joomlarscomments-xss.txt http://secunia.com/advisories/40278 http://www.exploit-db.com/exploits/13935 http://www.rsjoomla.com/customer-support/documentations/96--general-overview-of-the-component/393-changelog.html http://www.securityfocus.com/bid/40977 https://exchange.xforce.ibmcloud.com/vulnerabilities/59578 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •