CVE-2010-2125

Name of the Vulnerable Software and Affected Versions Rotor Banner module versions 5.x before 5.x-1.8 Rotor Banner module versions 6.x before 6.x-2.5

Description The issue allows remote authenticated users with specific privileges to inject arbitrary web script or HTML. This can be achieved via the srs, title, or alt image attribute. The estimated number of potentially affected devices and details about real-world incidents are not provided.

Recommendations For Rotor Banner module version 5.x, update to version 5.x-1.8 or later. For Rotor Banner module version 6.x, update to version 6.x-2.5 or later.