CVE-2010-3070 nusoap

Metadata

medium
4.3
nusoap
CVE-2010-3070
2017-12-30 18:04
CVE-2010-3070
2017-12-29 21:05
2017-06-18 07:05
2017-06-16 18:54
2017-04-01 19:11
2017-01-05 20:17

Description

Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
buster nusoap 0.7.3-4
jessie nusoap 0.7.3-4
sid nusoap 0.7.3-4
stretch nusoap 0.7.3-4
wheezy nusoap 0.7.3-4