VWE-2010-0076 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2010-0076
This page is a chapter in Info Known Vulnerabilities

This page has been seen 192,972 times.

- Created by
  dianiz
  on April 18, 2015
  
  Last updated by
  pegasus
  on February 16, 2017

Common Name Protocol Injection Vulnerability
VWE-ID VWE-2010-0076
Related Report None
Severity HIGH
Exploit Difficulty NORMAL
Platform Affects all platforms supported by the vulnerable versions.
Description HTML/Javascript injection.

Discovered November 17, 2010
Resolved November 22, 2010
Patches Available 3.0.6
2.5.7 Patch Level 4
Workaround Update all wiki forums so that none allow BB-Code.
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.

Common Name	Protocol Injection Vulnerability
VWE-ID	VWE-2010-0076
Related Report	None
Severity	HIGH
Exploit Difficulty	NORMAL
Platform	Affects all platforms supported by the vulnerable versions.
Description	HTML/Javascript injection.
Discovered	November 17, 2010
Resolved	November 22, 2010
Patches Available	3.0.6 2.5.7 Patch Level 4
Workaround	Update all wiki forums so that none allow BB-Code.