CVE-2010-0726

tDiary <2.2.2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the tb-send.rb (TrackBack transmission) plugin in tDiary 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors, possibly related to the (1) plugin_tb_url and (2) plugin_tb_excerpt parameters.

References (7)

Scores

EPSS 0.0052
EPSS Percentile 66.5%

Classification

CWE
CWE-79
Status published

Affected Products (7)

tdiary/tdiary < 2.2.2
tdiary/tdiary
tdiary/tdiary
tdiary/tdiary
tdiary/tdiary
tdiary/tdiary
n/a/n/a

Timeline

Published Mar 02, 2010
Tracked Since Feb 18, 2026