Unrated severityNVD Advisory· Published Dec 8, 2010· Updated Jun 16, 2026
CVE-2010-4109
CVE-2010-4109
Description
Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file.
Affected products
3cpe:2.3:o:hp:palm_webos:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:hp:palm_webos:*:*:*:*:*:*:*:*range: <=1.4.5
- cpe:2.3:o:hp:palm_webos:1.4.1:*:*:*:*:*:*:*
- (no CPE)range: <2.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.