CVE-2010-2130

Name of the Vulnerable Software and Affected Versions Aris Global ARISg version 5.0

Description The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter in the "wflogin.jsp" file.

Recommendations For version 5.0, avoid using the errmsg parameter in the vulnerable wflogin.jsp file until a fix is available. As a temporary workaround, consider restricting access to the wflogin.jsp file to minimize the risk of exploitation.