CVE-2011-4345

Published Nov 30, 2011

Last updated 8 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.6
Impact score: 2.9
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DABD090-5AD7-4C71-915A-E5380FA9BC87",
            "versionEndIncluding": "2.0.20"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E9E6345-F6AF-4AC4-B9A5-54EDAB3E49CB"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F17EB317-5BCF-4756-8F1E-FD3303BBC662"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71C4F1F4-53D0-4EE4-8F6C-171E9B43A942"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E70426F-C511-4582-BF05-448CCFB52607"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FB99CD9-3892-4F06-AE5A-66741CE8201F"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC5AC101-DF8C-4517-9F46-64E4201D2D9F"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CD2D7C9-9A19-4122-B2EF-EF7F53AC58C9"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C77F8A22-1EF7-4C39-B220-0E459EB7E9C4"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33892F22-3F37-4D0A-8108-215397470880"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References