CVE-2011-2510

Published Jul 14, 2011

Last updated 7 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0361554F-C459-4932-90EE-7AC8BA61BF34",
            "versionEndIncluding": "2010-11-07a"
          },
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2005-07-01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB2A5412-2F05-4F07-A082-2F57A0BEC50C"
          },
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2005-07-13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "558BE818-E004-4F21-B49E-BD2FB6227C78"
          },
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2005-09-19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3434315F-BA84-418A-B76F-1B631451DCD6"
          },
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2005-09-22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5120DDA0-C1A0-4B7E-ACE8-EDB09391491A"
          },
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2006-03-05:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A75E526E-7BEB-4246-9865-DA46FEC6E66E"
          },
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2006-03-09:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E29643D4-0746-435A-97B3-608BB831339F"
          },
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2006-11-06:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86B05C3B-F637-441A-AB74-CB47215589F7"
          },
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2007-06-26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64D85DB6-8B5F-4301-AA4A-1BA0EBBD00A9"
          },
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2008-05-05:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DD1CD46-269E-4D2C-9C41-CCCBA8F84BCD"
          },
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2009-02-14b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06B2EED0-5322-400C-A724-ACD15B281050"
          },
          {
            "criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2009-12-25c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED3FF52A-EDE9-468E-BADA-659F90049264"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References