CVE-2010-3462

Mollify <1.6-1.6.5.5 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in backend/plugin/Registration/index.php in Mollify 1.6, 1.6.5.5, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the confirm parameter. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WRITEUP VERIFIED
by John Leitch · textwebappsphp
https://www.exploit-db.com/exploits/34640

References (4)

Scores

EPSS 0.0113
EPSS Percentile 78.1%

Classification

CWE
CWE-79
Status published

Affected Products (3)

mollify/mollify
mollify/mollify
n/a/n/a

Timeline

Published Sep 17, 2010
Tracked Since Feb 18, 2026