cbcvebase.
CVE-2010-1448
published 2010-06-24

CVE-2010-1448: Cross-site scripting (XSS) vulnerability in lib/LXR/Common.pm in LXR Cross Referencer before 0.9.8 allows remote attackers to inject arbitrary web script or…

PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
2.51%
82.8th percentile
Cross-site scripting (XSS) vulnerability in lib/LXR/Common.pm in LXR Cross Referencer before 0.9.8 allows remote attackers to inject arbitrary web script or HTML via vectors related to a string in the search page's TITLE element, a different vulnerability than CVE-2009-4497 and CVE-2010-1625.

Affected

13 ranges
VendorProductVersion rangeFixed in
malcom_boxlxr_cross_referencer<= 0.9.7
malcom_boxlxr_cross_referencer<= 0.9.6
malcom_boxlxr_cross_referencer
malcom_boxlxr_cross_referencer
malcom_boxlxr_cross_referencer
malcom_boxlxr_cross_referencer
malcom_boxlxr_cross_referencer
malcom_boxlxr_cross_referencer
malcom_boxlxr_cross_referencer
malcom_boxlxr_cross_referencer
malcom_boxlxr_cross_referencer
malcom_boxlxr_cross_referencer
malcom_boxlxr_cross_referencer
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.