CVE-2010-3797

Apple Mac OS X Server - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

References (3)

[Vendor Advisory] http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

[Patch, Vendor Advisory] http://support.apple.com/kb/HT4435

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1024723

Scores

EPSS 0.0021

EPSS Percentile 43.1%

Classification

CWE

CWE-79

Status published

Affected Products (7)

apple/mac_os_x_server

n/a/n/a

Timeline

Published Nov 16, 2010

Tracked Since Feb 18, 2026