CVE-2010-4183 — MEDIUM (4.3)

Q: How severe is CVE-2010-4183?

CVE-2010-4183 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2010-4183?

Check the references section above for vendor advisories and patch information. Affected products include: Htmlpurifier Htmlpurifier, Microsoft Internet Explorer.

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) background-image, (2) background, or (3) font-family Cascading Style Sheets (CSS) property, a different vulnerability than CVE-2010-2479.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Htmlpurifier	Htmlpurifier	<= 4.0.0
Microsoft	Internet Explorer	All versions

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2010-4183?

CVE-2010-4183 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) backg...

How severe is CVE-2010-4183?

CVE-2010-4183 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-4183?

Check the references section above for vendor advisories and patch information. Affected products include: Htmlpurifier Htmlpurifier, Microsoft Internet Explorer.