PT-2019-6591 · Statusnet · Statusnet

Josh Bressers

Published

2019-11-20

Updated

2019-11-21

CVE-2010-4659

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions StatusNet versions prior to 2011

Description The issue is related to a cross-site scripting (XSS) vulnerability in error message contents. This type of vulnerability allows attackers to inject malicious scripts into content from otherwise trusted websites.

Recommendations For versions prior to 2011, update to a version released after 2010 to resolve the issue. As a temporary workaround, consider restricting the display of error messages to minimize the risk of exploitation.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2010-4659

Affected Products

Statusnet

PT-2019-6591 · Statusnet · Statusnet

CVE-2010-4659

Weakness Enumeration

Related Identifiers

Affected Products

References · 6