CVE-2015-10010

Name of the Vulnerable Software and Affected Versions OpenDNS OpenResolve (affected versions not specified)

Description A problem was found in OpenDNS OpenResolve, related to the function get of the file resolverapi/endpoints.py of the component API. This issue leads to cross site scripting. The attack can be launched remotely, but the complexity of an attack is rather high and the exploitation is known to be difficult.

Recommendations To fix this issue, it is recommended to apply a patch. Specifically, the patch c680170d5583cd9342fe1af43001fe8b2b8004dd should be applied. As a temporary workaround, consider disabling the get function of the resolverapi/endpoints.py file until the patch is applied.