1. Home
  2. CVE Database
  3. CVE-2010-1276
MEDIUM · 4.3

CVE-2010-1276

Multiple cross-site scripting (XSS) vulnerabilities in BBSXP 2008 SP2 allow remote attackers to inject arbitrary web script or HTML via the URI in a request to (1) AddPost.asp, (2) AddTopic.asp, (3) A...

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in BBSXP 2008 SP2 allow remote attackers to inject arbitrary web script or HTML via the URI in a request to (1) AddPost.asp, (2) AddTopic.asp, (3) Admin_Default.asp, (4) Bank.asp, (5) Manage.asp, and (6) ShowPost.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
BbsxpBbsxp2008

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2010-1276?

CVE-2010-1276 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in BBSXP 2008 SP2 allow remote attackers to inject arbitrary web script or HTML via the URI in a request to (1) AddPost.asp, (2) AddTopic.asp, (3) A...

How severe is CVE-2010-1276?

CVE-2010-1276 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-1276?

Check the references section above for vendor advisories and patch information. Affected products include: Bbsxp Bbsxp.