CVE-2010-4873 Information

Description

Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 P1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

Reference

http://osvdb.org/69103 http://packetstormsecurity.org/1011-exploits/webid085p1-xss.txt http://secunia.com/advisories/42171 http://securityreason.com/securityalert/8429 http://www.johnleitch.net/Vulnerabilities/WeBid.0.8.5P1.Reflected.Cross-site.Scripting/62 http://www.securityfocus.com/bid/44765 https://exchange.xforce.ibmcloud.com/vulnerabilities/63152