NotCVE - vendor:"Yandex" product:"Yandex.server 2010" version:"9.0"

1 results (0.003 seconds)

CVSS: 6.1EPSS: 2%CPEs: 1EXPL: 2

CVE-2012-2941 – Yandex.Server 2010 9.0 - 'text' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2012-2941

27 May 2012 — Cross-site scripting (XSS) vulnerability in search/ in Yandex.Server 2010 9.0 Enterprise allows remote attackers to inject arbitrary web script or HTML via the text parameter. Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en search/ in Yandex.Server 2010 v9.0 Enterprise permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro de texto. • https://www.exploit-db.com/exploits/37224 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •