CVE-2010-2849

nubuilder <10.07.12 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in productionnu2/nuedit.php in nuBuilder 10.04.20, and possibly other versions before 10.07.12, allows remote attackers to inject arbitrary web script or HTML via the f parameter.

References (8)

Scores

EPSS 0.0066
EPSS Percentile 70.7%

Classification

CWE
CWE-79
Status published

Affected Products (7)

nusoftware/nubuilder < 10.04.20
nusoftware/nubuilder
nusoftware/nubuilder
nusoftware/nubuilder
nusoftware/nubuilder
nusoftware/nubuilder
n/a/n/a

Timeline

Published Jul 25, 2010
Tracked Since Feb 18, 2026