PT-2010-4524 · Php · Nusoap
Jan Lieskovsky · Published 2010-09-28 · Updated 2023-02-13 · CVE-2010-3070
CVSS v2.0: 4.3 Medium
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
NuSOAP version 0.9.5
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes. This could potentially lead to unauthorized actions on the affected web application.
Recommendations
For NuSOAP version 0.9.5, consider disabling the use of NuSOAP classes until a patch or updated version is available to mitigate the risk of XSS attacks. Restrict access to PHP scripts that utilize NuSOAP to minimize the risk of exploitation.
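While access to the affected scripts is being restricted, web server logs can be reviewed for requests that carry markup in PATH_INFO. The following is an added example, not code from this advisory or from NuSOAP: it assumes a combined-format access log, and the function names, script paths and sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A .php script name followed by extra path segments, i.e. PATH_INFO.
PATH_INFO_RE = re.compile(r'^(?P<script>.*?\.php)(?P<path_info>/.*)$', re.IGNORECASE)
# Characters that can break out of an HTML text or attribute context.
HTML_META = set('<>"\'')

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is also seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_path_info(log_line):
    """Return (script, decoded PATH_INFO) when PATH_INFO holds HTML
    metacharacters, otherwise None."""
    request = REQUEST_RE.search(log_line)
    if not request:
        return None
    # Drop the query string first; only the path can carry PATH_INFO.
    path = request.group(1).split('?', 1)[0]
    match = PATH_INFO_RE.match(path)
    if not match:
        return None
    info = decode_fully(match.group('path_info'))
    if HTML_META & set(info):
        return match.group('script'), info
    return None

# Constructed sample log lines (not taken from any real system).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /ws/server.php?wsdl HTTP/1.1" 200 5120',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /ws/server.php/%3Cem%3Etest%3C%2Fem%3E HTTP/1.1" 200 5300',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /index.php/articles/42 HTTP/1.1" 200 812',
    '192.0.2.13 - - [01/Jan/2024:10:00:12 +0000] "GET /ws/server.php/%253Cem%253E HTTP/1.1" 200 5300',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        hit = suspicious_path_info(line)
        if hit:
            print("review:", hit[0], "PATH_INFO =", repr(hit[1]))
```

Ordinary path-style routing such as `/index.php/articles/42` is not flagged; only PATH_INFO that decodes to HTML metacharacters is reported for review.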
Affected Products
Nusoap