CVE-2011-2694 in Sambainformazioni

Riassunto

di MITRE

Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page).

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

11/07/2011

Divulgazione

29/07/2011

Moderazione

accettato

Voce

VDB-58136

CPE

pronto

CWE

CWE-79 (confermato)

CVSS

2.6 (NVD)

EPSS

0.06293

KEV

Attività

molto basso

Settore

Industry, Insurance, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-2694
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-2694
CVE Details	https://www.cvedetails.com/cve/CVE-2011-2694/

◂ Precedente Visione D'ensemble Il prossimo ▸

Want to know what is going to be exploited?

We predict KEV entries!