NVD

Id
13590  
Name
CVE-2010-2103  
Description
Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2010-05-27  
Modified Date
2013-05-09  
Seq
2010-2103  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
75014 13590 CVE-2010-2103 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf  View
75015 13590 CVE-2010-2103 12689  View
75016 13590 CVE-2010-2103 http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-03  View
75017 13590 CVE-2010-2103 20100521 PR10-03: Authenticated Cross-Site Scripting (XSS) within the Apache Axis2 administration console  View
75018 13590 CVE-2010-2103 40327  View
75019 13590 CVE-2010-2103 ADV-2010-1215  View
75020 13590 CVE-2010-2103 axis2-modules-xss(58790)  View
75021 13590 CVE-2010-2103 https://kb.juniper.net/KB27373  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
38334 JVNDB-2010-004119 SAP Business Objects などで使用される Apache Axis2/Java の axis2-admin/axis2-admin/engagingglobally におけるクロスサイトスクリプティングの脆弱性 SAP Business Objects および 3com IMC などで使用される Apache Axis2/Java の管理コンソールの axis2-admin/axis2-admin/engagingglobally には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2010-2103 44683 CVE-2010-2103 13590 4.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-004119.html 2010-05-27 2012-06-26 View