Description

Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki 2.2.20 allows remote attackers to inject arbitrary web script or HTML via the from parameter to Main/WikiSandbox. NOTE: some of these details are obtained from third party information.

Remediation

References

CVE-2010-4748

Related Vulnerabilities

Internet Information Services CVE-2006-6578 Vulnerability (CVE-2006-6578)

WordPress Plugin Checkout Field Editor for WooCommerce (Pro) Arbitrary File Deletion (3.6.2)

Oracle JRE CVE-2018-2633 Vulnerability (CVE-2018-2633)

ReviveAdserver Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-22948)

Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.2)

Severity

Medium

Classification

CVE-2010-4748 CWE-707

Tags

Missing Update Known Vulnerabilities