Unrated severityNVD Advisory· Published Nov 2, 2010· Updated Apr 29, 2026

CVE-2010-4146

Description

Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.569 and earlier), 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

Attachmate/Reflection For The Web7 versions
cpe:2.3:a:attachmate:reflection_for_the_web:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:attachmate:reflection_for_the_web:*:*:*:*:*:*:*:*range: <=9.6
- cpe:2.3:a:attachmate:reflection_for_the_web:*:r2:*:*:*:*:*:*range: <=2008
- cpe:2.3:a:attachmate:reflection_for_the_web:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:attachmate:reflection_for_the_web:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:attachmate:reflection_for_the_web:9.01:*:*:*:*:*:*:*
- cpe:2.3:a:attachmate:reflection_for_the_web:9.5:*:*:*:*:*:*:*
- cpe:2.3:a:attachmate:reflection_for_the_web:2008:r1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/41869nvdVendor Advisory
support.attachmate.com/techdocs/1704.htmlnvdVendor Advisory
osvdb.org/68637nvd
www.securityfocus.com/bid/44123nvd
exchange.xforce.ibmcloud.com/vulnerabilities/62564nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000