Vulnerability Name: | CVE-2010-4146 (CCN-62564) | ||||||||
Assigned: | 2010-10-14 | ||||||||
Published: | 2010-10-14 | ||||||||
Updated: | 2017-08-17 | ||||||||
Summary: | Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.569 and earlier), 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-79 | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2010-4146 Source: OSVDB Type: UNKNOWN 68637 Source: CCN Type: SA41869 Attachmate Reflection for the Web Cross-Site Scripting Vulnerability Source: SECUNIA Type: Vendor Advisory 41869 Source: CCN Type: Attachmate Technical Note 1704 Security Updates and Reflection for the Web Source: CONFIRM Type: Vendor Advisory http://support.attachmate.com/techdocs/1704.html Source: CCN Type: OSVDB ID: 68637 Attachmate Reflection for the Web Unspecified XSS Source: BID Type: UNKNOWN 44123 Source: CCN Type: BID-44123 Attachmate Reflection for the Web Cross Site Scripting Vulnerability Source: XF Type: UNKNOWN attachmate-unspecified-xss(62564) Source: XF Type: UNKNOWN attachmate-unspecified-xss(62564) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |