Etomite 0.6 do 1.0 cross site scripting

WpisedytowaćHistoryDiffjsonxmlCTI

Odkryto lukę w Etomite 0.6 do 1.0. Dotknięta jest nieznana funkcja. Aktualizacja do wersji 0.6.1.4 eliminuje tę podatność.

Pole2015-03-23 16:502019-02-13 10:43
nameEtomiteEtomite
version0.6/0.6.1/0.6.1.1/0.6.1.2/0.6.1.3/0.6.1.4/1.00.6/0.6.1/0.6.1.1/0.6.1.2/0.6.1.3/0.6.1.4/1.0
cwe79 (cross site scripting)79 (cross site scripting)
risk11
cvss2_vuldb_basescore4.34.3
cvss2_vuldb_tempscore3.73.7
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_nvd_avNN
cvss2_nvd_acMM
cvss2_nvd_auNN
cvss2_nvd_ciNN
cvss2_nvd_iiPP
cvss2_nvd_aiNN
cvss3_meta_basescore4.34.3
cvss3_meta_tempscore4.14.1
cvss3_vuldb_basescore4.34.3
cvss3_vuldb_tempscore4.14.1
date1323302400 (2011-12-08)1323302400 (2011-12-08)
urlhttp://jvndb.jvn.jp/jvndb/JVNDB-2011-000101http://jvndb.jvn.jp/jvndb/JVNDB-2011-000101
price_0day$0-$5k$0-$5k
nameUpgradeUpgrade
upgrade_version0.6.1.40.6.1.4
cveCVE-2011-4264CVE-2011-4264
cve_nvd_published13233024001323302400
cve_nvd_summaryCross-site scripting (XSS) vulnerability in Etomite before 1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Cross-site scripting (XSS) vulnerability in Etomite before 1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiRR
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
cve_assigned1320192000

Do you want to use VulDB in your project?

Use the official API to access entries easily!