CVE-2010-3070

描述

Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.

受影響套件(1)

• Debian/nusoapfrom 0, < 0.7.3-4

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3070