CVE-2010-4901
MySource Matrix 3.28.3 - Cross-Site Scripting via char_map.php Height or Width Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-4901. PoCs published by Gjoko Krstic.
AI-analyzed exploit summary This exploit demonstrates a reflected XSS vulnerability in MySource Matrix by injecting arbitrary JavaScript via unsanitized URL parameters. The PoC uses a crafted URL to trigger an alert dialog, proving the vulnerability.
Description
Multiple cross-site scripting (XSS) vulnerabilities in char_map.php in MySource Matrix 3.28.3 allow remote attackers to inject arbitrary web script or HTML via the (1) height or (2) width parameter.
Exploits (1)
This exploit demonstrates a reflected XSS vulnerability in MySource Matrix by injecting arbitrary JavaScript via unsanitized URL parameters. The PoC uses a crafted URL to trigger an alert dialog, proving the vulnerability.