Description

Cross-site scripting (XSS) vulnerability in XWiki Enterprise before 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2010-4642

Related Vulnerabilities

PHP Improper Input Validation Vulnerability (CVE-2007-4783)

WordPress Plugin GenerateBlocks Cross-Site Scripting (1.3.5)

Apache Tomcat Improperly Implemented Security Check for Standard Vulnerability (CVE-2017-15706)

Plone CMS Missing Authentication for Critical Function Vulnerability (CVE-2020-35190)

IBM RTC Session Fixation Vulnerability (CVE-2018-1492)

Severity

Medium

Classification

CVE-2010-4642 CWE-707

Tags

Missing Update Known Vulnerabilities