Etomite 0.6 hasta 1.0 cross site scripting

ArtículoeditarHistoryDiffjsonxmlCTI

Una vulnerabilidad clasificada como problemática ha sido encontrada en Etomite 0.6 hasta 1.0. Una función desconocida es afectada por esta vulnerabilidad. Una actualización a la versión 0.6.1.4 elimina esta vulnerabilidad.

Campo2015-03-23 16:502019-02-13 10:43
nameEtomiteEtomite
version0.6/0.6.1/0.6.1.1/0.6.1.2/0.6.1.3/0.6.1.4/1.00.6/0.6.1/0.6.1.1/0.6.1.2/0.6.1.3/0.6.1.4/1.0
cwe79 (cross site scripting)79 (cross site scripting)
risk11
cvss2_vuldb_basescore4.34.3
cvss2_vuldb_tempscore3.73.7
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_nvd_avNN
cvss2_nvd_acMM
cvss2_nvd_auNN
cvss2_nvd_ciNN
cvss2_nvd_iiPP
cvss2_nvd_aiNN
cvss3_meta_basescore4.34.3
cvss3_meta_tempscore4.14.1
cvss3_vuldb_basescore4.34.3
cvss3_vuldb_tempscore4.14.1
date1323302400 (2011-12-08)1323302400 (2011-12-08)
urlhttp://jvndb.jvn.jp/jvndb/JVNDB-2011-000101http://jvndb.jvn.jp/jvndb/JVNDB-2011-000101
price_0day$0-$5k$0-$5k
nameUpgradeUpgrade
upgrade_version0.6.1.40.6.1.4
cveCVE-2011-4264CVE-2011-4264
cve_nvd_published13233024001323302400
cve_nvd_summaryCross-site scripting (XSS) vulnerability in Etomite before 1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Cross-site scripting (XSS) vulnerability in Etomite before 1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiRR
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
cve_assigned1320192000

Interested in the pricing of exploits?

See the underground prices here!