Back to search
CVE-2010-3070
Published: Sep 28, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20100903 CVE request: XSS in nusoap
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=629585
x_refsource_CONFIRM
FEDORA-2010-15080
vendor-advisory
x_refsource_FEDORA
FEDORA-2010-15082
vendor-advisory
x_refsource_FEDORA
[oss-security] 20100907 Re: CVE request: XSS in nusoap
mailing-list
x_refsource_MLIST
41653
third-party-advisory
x_refsource_SECUNIA
http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=633011
x_refsource_CONFIRM
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595248
x_refsource_CONFIRM
ADV-2010-2535
vdb-entry
x_refsource_VUPEN
[oss-security] 20100914 CVE request: mantis before 1.2.3 (XSS)
mailing-list
x_refsource_MLIST
42959
vdb-entry
x_refsource_BID
FEDORA-2010-14100
vendor-advisory
x_refsource_FEDORA
FEDORA-2010-14098
vendor-advisory
x_refsource_FEDORA
FEDORA-2010-15061
vendor-advisory
x_refsource_FEDORA
[oss-security] 20100914 Re: CVE request: mantis before 1.2.3 (XSS)
mailing-list
x_refsource_MLIST
http://www.mantisbt.org/bugs/view.php?id=12312
x_refsource_CONFIRM
[mantisbt-announce] 20100914 MantisBT 1.2.3 Released
mailing-list
x_refsource_MLIST
http://www.mantisbt.org/bugs/changelog_page.php?version_id=111
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now