CVE-2010-4405

Anything-digital Sh404sef < 2.1.7.761 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (4)

[Various Sources] http://dev.anything-digital.com/Forum/Announcements/9100-Urgent-sh404SEF-security-release-Joomla-1.5/

[Vendor Advisory] http://secunia.com/advisories/42430

[Various Sources] http://twitter.com/jeffchannell/status/8603529560195072

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/45135

Scores

EPSS 0.0029

EPSS Percentile 51.7%

Classification

CWE

CWE-79

Status published

Affected Products (24)

anything-digital/sh404sef < 2.1.7.761

anything-digital/sh404sef

... and 9 more

Timeline

Published Dec 06, 2010

Tracked Since Feb 18, 2026