CVE-2010-4753

LightNEasy 3.2.1 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in LightNEasy.php in LightNEasy 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, which is not properly handled in a forced SQL error message.

References (3)

[Various Sources] http://holisticinfosec.org/content/view/168/45/

[Vendor Advisory] http://secunia.com/advisories/42391

[Various Sources] http://www.lightneasy.org/punbb/viewtopic.php?id=1207

Scores

EPSS 0.0030

EPSS Percentile 52.7%

Classification

CWE

CWE-79

Status published

Affected Products (2)

lightneasy/lightneasy

n/a/n/a

Timeline

Published Mar 01, 2011

Tracked Since Feb 18, 2026