CVE-2008-3730
Published Aug 20, 2008
Last updated 7 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in Nordicwind Document Management System (NOAH) before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nordicwind:noah:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2F1CBC7-E6C8-4362-910C-F0241ECB0B10",
"versionEndIncluding": "3.2.1"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:1.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85B722F8-86E7-4167-A0F6-4C47D031D3D1"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:1.5.0b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "069E8791-CB9B-4561-9A44-E6436FCC7455"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:1.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C969E818-F310-48A4-BCE5-D25D80DF6EA6"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:1.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83E0EE8C-3A85-46F6-B514-0D17B18E87D4"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:1.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB68C485-CD65-4A7D-8870-786F344DA198"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:1.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BFBB5C0-6C00-4134-BD70-C4096F29FF66"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:1.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5DAFCB7F-B5DE-45B1-9A68-9DC76B799923"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A36D93C3-3A99-4C65-B8CD-9D6289118988"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:2.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "179BA060-71CA-4093-ABEF-9F99DA44D2A1"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:2.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94193B07-3D89-47EB-92D0-60570DC13BA0"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:2.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE44810A-703F-4432-8261-A95AA6CBAA03"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:2.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2767D0D4-11B8-4847-B6F6-038881455714"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:2.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "77AB71B7-8295-4580-846F-A59159EAAC59"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:2.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4F5D2C4-E4AD-4F04-99B0-4ABC8F992ADE"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:3.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "205EAB96-D71E-47FA-A194-3D97B99CA0D5"
},
{
"criteria": "cpe:2.3:a:nordicwind:noah:3.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A9DFEF4-A828-4B22-A903-08111A4C99D3"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC455378-BDCC-4602-86B6-D6687AE66C1B",
"versionEndIncluding": "3.2.1"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2539F691-6B92-40A6-B26C-AA059CF825C8"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.0b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB57C4CD-359B-49ED-9E89-27088694F030"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFF058FC-90D8-4E08-BAEA-E7635CBD3582"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E95E72B6-E43E-4707-8F04-29476A11B520"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F7C9417-BFF5-41DE-B328-A1F2E8375B83"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBF67F28-92D9-4689-B25E-343BA927397D"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "233330E5-2DED-4CB1-9653-E5CFA5C7E364"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "920417C4-BA54-4182-ACFF-3C1EE743A5FB"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8251B1F0-47B4-446E-9A13-C1EAF2CD74EA"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22DEA5BE-1102-4729-9E1F-6E5B39CC1BE7"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A39C66C3-3267-4875-9040-CA7AC04F7874"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB6B9D61-C8AA-4F36-9769-374CED49C83D"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43A85963-8CBC-4AC9-8F8A-C5D9F7FF3816"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E4B95AA-F5FC-4B93-B517-144D376C0822"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:3.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20CB2E5F-B247-4531-BCA4-E9A4B52DABA2"
},
{
"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:3.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61C42D81-7E18-47BF-9E03-AB402AF20F6F"
}
],
"operator": "OR"
}
]
}
]