CVE-2010-1593
Published Apr 28, 2010
Last updated 6 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML: (1) in SilverStripe before 2.3.5, via the CommenterURL parameter to PostCommentForm; and (2) in the Forum module before 0.2.5 in SilverStripe before 2.3.5, via the Search parameter to forums/search (aka the search script). The configuration list on this page matches only the core SilverStripe product (versions up to and including 2.3.4), so the installed Forum module version has to be checked separately against 0.2.5.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:silverstripe:silverstripe:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58772C70-26CB-4BE1-9C76-C8C4C45E40D8", "versionEndIncluding": "2.3.4" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D93D92D9-A3CC-46D0-8539-587F2B3A3A07" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6330F446-45E8-4C3E-8585-4BAA9385DFD8" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3AC23F5D-AC9E-4F83-95B2-CEF6E546E732" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77480CB4-04B8-4934-AB1D-B61BB262CD40" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D735517-B50D-4C4B-A95F-E48626AB5671" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CA1CDF7-D273-4044-94AB-3295EAD98AD0" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE8AB709-B4E7-4D48-8481-08BBCD9121A2" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D51AEAF-EACD-4E52-85D4-5A54A443EDBA" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "800CC172-F319-41A2-8C29-8944B98930B9" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24734325-97DA-4B2C-B192-3F4B83CCF0C0" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D875C510-39F2-4726-9DBD-3D95A5CB3D5D" }, { "criteria": 
"cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE8C544D-E233-488D-B768-8C077BB79338" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.3.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26E1807F-7DEB-4519-95B9-4FA647C7D477" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "609BEA7D-81F2-4DFE-AB2A-157A6B7DE348" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.3.1:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAB67F4E-0E56-4597-BD9B-90D07685D7F7" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.3.1:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA541F02-F78A-4E43-8212-690810311187" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7856E216-D7B7-48A5-9D20-9F1973DA005D" }, { "criteria": "cpe:2.3:a:silverstripe:silverstripe:2.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF4FF5F5-6565-4EA1-8099-2C4C964DA006" } ], "operator": "OR" } ] } ]