CVE-2011-4170
EPSS 0.22%發布日:2011/10/23修改日:2026/4/28
描述
Cross-site scripting (XSS) vulnerability in the theme_adium_append_message function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias (aka nickname) in a /me event, a different vulnerability than CVE-2011-3635.
受影響套件(1)
- Debian/empathyfrom 0, < 3.2.1.1-1