CVE-2010-4647
Published: 13 January 2011
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp.
Priority
Status
Package | Release | Status |
---|---|---|
eclipse Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Not vulnerable
(3.5.2-10ubuntu2)
|
|
precise |
Not vulnerable
(3.5.2-10ubuntu2)
|
|
quantal |
Not vulnerable
(3.5.2-10ubuntu2)
|
|
raring |
Not vulnerable
(3.5.2-10ubuntu2)
|
|
saucy |
Not vulnerable
(3.5.2-10ubuntu2)
|
|
upstream |
Released
(3.5.2-9)
|