CVE-2010-3070

Description

Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.

Affected packages (1)

• Debian/nusoapfrom 0, < 0.7.3-4

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3070