CVE-2008-3730

Published Aug 20, 2008
Last updated 8 years ago
CVSS info 4.3
Overview

Description: Cross-site scripting (XSS) vulnerability in Nordicwind Document Management System (NOAH) before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2F1CBC7-E6C8-4362-910C-F0241ECB0B10",
            "versionEndIncluding": "3.2.1"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85B722F8-86E7-4167-A0F6-4C47D031D3D1"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:1.5.0b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "069E8791-CB9B-4561-9A44-E6436FCC7455"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C969E818-F310-48A4-BCE5-D25D80DF6EA6"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:1.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83E0EE8C-3A85-46F6-B514-0D17B18E87D4"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB68C485-CD65-4A7D-8870-786F344DA198"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:1.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BFBB5C0-6C00-4134-BD70-C4096F29FF66"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:1.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DAFCB7F-B5DE-45B1-9A68-9DC76B799923"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A36D93C3-3A99-4C65-B8CD-9D6289118988"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "179BA060-71CA-4093-ABEF-9F99DA44D2A1"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:2.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94193B07-3D89-47EB-92D0-60570DC13BA0"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:2.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE44810A-703F-4432-8261-A95AA6CBAA03"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:2.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2767D0D4-11B8-4847-B6F6-038881455714"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:2.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77AB71B7-8295-4580-846F-A59159EAAC59"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:2.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4F5D2C4-E4AD-4F04-99B0-4ABC8F992ADE"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "205EAB96-D71E-47FA-A194-3D97B99CA0D5"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:noah:3.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A9DFEF4-A828-4B22-A903-08111A4C99D3"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC455378-BDCC-4602-86B6-D6687AE66C1B",
            "versionEndIncluding": "3.2.1"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2539F691-6B92-40A6-B26C-AA059CF825C8"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.0b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB57C4CD-359B-49ED-9E89-27088694F030"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFF058FC-90D8-4E08-BAEA-E7635CBD3582"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E95E72B6-E43E-4707-8F04-29476A11B520"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F7C9417-BFF5-41DE-B328-A1F2E8375B83"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBF67F28-92D9-4689-B25E-343BA927397D"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "233330E5-2DED-4CB1-9653-E5CFA5C7E364"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "920417C4-BA54-4182-ACFF-3C1EE743A5FB"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8251B1F0-47B4-446E-9A13-C1EAF2CD74EA"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22DEA5BE-1102-4729-9E1F-6E5B39CC1BE7"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A39C66C3-3267-4875-9040-CA7AC04F7874"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB6B9D61-C8AA-4F36-9769-374CED49C83D"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43A85963-8CBC-4AC9-8F8A-C5D9F7FF3816"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E4B95AA-F5FC-4B93-B517-144D376C0822"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20CB2E5F-B247-4531-BCA4-E9A4B52DABA2"
          },
          {
            "criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:3.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61C42D81-7E18-47BF-9E03-AB402AF20F6F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
