CVE-2010-4405

Cross-site scripting (XSS) vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: Dec 6, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-4405
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
anything-digital / sh404sef	-	2.1.7.761.x
anything-digital / sh404sef	1.5.2.255	1.5.2.255.x
anything-digital / sh404sef	1.5.3.296	1.5.3.296.x
anything-digital / sh404sef	1.5.4.302	1.5.4.302.x
anything-digital / sh404sef	1.5.5.388	1.5.5.388.x
anything-digital / sh404sef	1.5.6.398	1.5.6.398.x
anything-digital / sh404sef	1.5.7.407	1.5.7.407.x
anything-digital / sh404sef	1.5.8.432	1.5.8.432.x
anything-digital / sh404sef	1.5.9.434	1.5.9.434.x
anything-digital / sh404sef	1.5.10.446	1.5.10.446.x
anything-digital / sh404sef	1.5.11.459	1.5.11.459.x
anything-digital / sh404sef	1.5.12.464	1.5.12.464.x
anything-digital / sh404sef	2.0.0-rc522	2.0.0-rc522.x
anything-digital / sh404sef	2.0.1.531	2.0.1.531.x
anything-digital / sh404sef	2.0.2.542	2.0.2.542.x
anything-digital / sh404sef	2.0.3.545	2.0.3.545.x
anything-digital / sh404sef	2.1.0.641	2.1.0.641.x
anything-digital / sh404sef	2.1.1.644	2.1.1.644.x
anything-digital / sh404sef	2.1.2.649	2.1.2.649.x
anything-digital / sh404sef	2.1.3.680	2.1.3.680.x
anything-digital / sh404sef	2.1.4.734	2.1.4.734.x
anything-digital / sh404sef	2.1.5.746	2.1.5.746.x
anything-digital / sh404sef	2.1.6.749	2.1.6.749.x

Vulnerability Database

289,599

CVE-2010-4405