CVE-2010-2491

Roundup < 1.4.13 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the template argument to the /issue program.

References (14)

Scores

EPSS 0.0072
EPSS Percentile 72.2%

Classification

CWE
CWE-79
Status published

Affected Products (50)

roundup-tracker/roundup < 1.4.13
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
roundup-tracker/roundup
... and 35 more

Timeline

Published Sep 24, 2010
Tracked Since Feb 18, 2026