CVE-2009-2343

Published Jul 7, 2009

Last updated 15 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:zoph:zoph:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E5A6F89-921F-4505-ACC9-888A14F2AE69",
            "versionEndIncluding": "0.7.0.5"
          },
          {
            "criteria": "cpe:2.3:a:zoph:zoph:0.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6C51D78-6B7B-4726-BBC5-1597BEBAEC3E"
          },
          {
            "criteria": "cpe:2.3:a:zoph:zoph:0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53C4F1CF-B2BB-48B2-83F4-0520E5C9ACD8"
          },
          {
            "criteria": "cpe:2.3:a:zoph:zoph:0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "856E1497-3819-440B-8062-57FCCFD0E666"
          },
          {
            "criteria": "cpe:2.3:a:zoph:zoph:0.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF492E31-36B8-4F14-AF80-43484C26C96D"
          },
          {
            "criteria": "cpe:2.3:a:zoph:zoph:0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81989ECB-5AD1-42BB-A54D-06F1D1F6BF46"
          },
          {
            "criteria": "cpe:2.3:a:zoph:zoph:0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AB3829B-49A8-4B73-88E3-B37D0C396FFC"
          },
          {
            "criteria": "cpe:2.3:a:zoph:zoph:0.7.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13ABB946-E3B3-4CA7-8A0A-ACAC4C030785"
          },
          {
            "criteria": "cpe:2.3:a:zoph:zoph:0.7.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4590D940-90BA-4726-A800-93A96D2FD26E"
          },
          {
            "criteria": "cpe:2.3:a:zoph:zoph:0.7.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E06FA133-F834-4155-9837-848DAC44C777"
          },
          {
            "criteria": "cpe:2.3:a:zoph:zoph:0.7.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "934D81AD-8143-4B0F-928F-1DA47754924B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References