CVE-2010-4358

CVE-2010-4358

EPSS 1.1%

Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in MRCGIGUY (MCG) Guestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, (3) website, and (4) message parameters.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://evuln.com/vulns/144/summary.html http://packetstormsecurity.org/files/view/96101/mcgguestbook-xss.txt http://secunia.com/advisories/42315 http://www.securityfocus.com/archive/1/514884/100/0/threaded http://www.securityfocus.com/bid/45043