VYPR
Unrated severityNVD Advisory· Published Jan 18, 2011· Updated Jun 16, 2026

CVE-2010-4646

CVE-2010-4646

Description

Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 allows remote attackers to inject arbitrary web script or HTML via a crafted background attribute within a cell in a TABLE element, related to improper use of the htmLawed filter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14
  • cpe:2.3:a:hastymail:hastymail2:*:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:hastymail:hastymail2:*:*:*:*:*:*:*:*range: <=1.0
    • cpe:2.3:a:hastymail:hastymail2:*:beta1:*:*:*:*:*:*
    • cpe:2.3:a:hastymail:hastymail2:*:beta2:*:*:*:*:*:*
    • cpe:2.3:a:hastymail:hastymail2:*:beta3:*:*:*:*:*:*
    • cpe:2.3:a:hastymail:hastymail2:*:rc1:*:*:*:*:*:*
    • cpe:2.3:a:hastymail:hastymail2:*:rc2:*:*:*:*:*:*
    • cpe:2.3:a:hastymail:hastymail2:*:rc3:*:*:*:*:*:*
    • cpe:2.3:a:hastymail:hastymail2:*:rc4:*:*:*:*:*:*
    • cpe:2.3:a:hastymail:hastymail2:*:rc5:*:*:*:*:*:*
    • cpe:2.3:a:hastymail:hastymail2:*:rc6:*:*:*:*:*:*
    • cpe:2.3:a:hastymail:hastymail2:*:rc7:*:*:*:*:*:*
    • cpe:2.3:a:hastymail:hastymail2:*:rc8:*:*:*:*:*:*
    • cpe:2.3:a:hastymail:hastymail2:*:rc9:*:*:*:*:*:*
    • (no CPE)range: <1.01

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.