VYPR
Unrated severityNVD Advisory· Published Jul 29, 2011· Updated Jun 16, 2026

CVE-2011-2694

CVE-2011-2694

Description

Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.