CVE-2010-2032
Caucho Resin Professional 3.1.5 - '/resin-admin/digest.php' Multiple Cross-Site Scripting Vulnerabilities
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.10, 4.0.6, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) digest_realm or (2) digest_username parameters. NOTE: some of these details are obtained from third party information.
Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en resin-admin/digest.php de Caucho Technology Resin Professional v3.1.5, v3.1.10, v4.0.6, y posiblemente otras versiones. Permiten a atacantes remotos inyectar codigo de script web o código HTML de su elección a través de los parámetros (1) digest_realm o (2) digest_username. NOTA: algunos de estos detalles han sido obtenidos de información procedente de terceras partes.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-05-19 First Exploit
- 2010-05-24 CVE Reserved
- 2010-05-24 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/archive/1/511341/100/0/threaded | Mailing List | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/58733 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/34012 | 2010-05-19 | |
http://packetstormsecurity.org/1005-exploits/cauchoresin312-xss.txt | 2024-08-07 | |
http://www.securityfocus.com/bid/40251 | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/39839 | 2018-10-10 | |
http://www.vupen.com/english/advisories/2010/1201 | 2018-10-10 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Caucho Search vendor "Caucho" | Resin Search vendor "Caucho" for product "Resin" | 3.1.5 Search vendor "Caucho" for product "Resin" and version "3.1.5" | pro |
Affected
| ||||||
Caucho Search vendor "Caucho" | Resin Search vendor "Caucho" for product "Resin" | 3.1.10 Search vendor "Caucho" for product "Resin" and version "3.1.10" | pro |
Affected
| ||||||
Caucho Search vendor "Caucho" | Resin Search vendor "Caucho" for product "Resin" | 4.0.6 Search vendor "Caucho" for product "Resin" and version "4.0.6" | pro |
Affected
|