CVE-2010-1677

Name of the Vulnerable Software and Affected Versions MHonArc version 2.6.16

Description The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by exploiting the handling of start tags placed within other start tags. An example of this exploitation is a sequence such as <bo<bo<bo<bo<body>dy>dy>dy>dy>.

Recommendations For MHonArc version 2.6.16, consider temporarily restricting the handling of nested start tags to minimize the risk of CPU consumption denial of service attacks until a patch is available.