CVE-2010-1274

Emweb Wt <3.1.1 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Emweb Wt before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to "insertions of the URL" that occur during a redirection.

References (5)

[Vendor Advisory] http://secunia.com/advisories/38759

[Vendor Advisory] http://www.webtoolkit.eu/wt/doc/reference/html/Releasenotes.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/38541

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/56681

[Third Party Advisory, VDB Entry] http://www.osvdb.org/62716

Scores

EPSS 0.0036

EPSS Percentile 57.6%

Classification

CWE

CWE-79

Status published

Affected Products (27)

webtoolkit/wt < 3.1.0

webtoolkit/wt

... and 12 more

Timeline

Published Apr 06, 2010

Tracked Since Feb 18, 2026