CVE-2011-4551
Published Oct 1, 2012
Last updated 12 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B46BEABB-4839-4D11-AF0C-E2E7CA5190BA",
"versionEndIncluding": "8.1"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5160514-D8C3-458A-B3A6-24CD4FB96BD2"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "481CEC51-C828-4AB7-9745-824B5D529D40"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD3F664D-C59E-4033-805B-BB3C85528091"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "457AEABE-F6C1-459A-883E-4D4F0DD8D441"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4401BA0E-5F63-405C-8C42-C2E1E4C45306"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69930A94-2008-4259-B2BE-BD159B1FD6FC"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A4DB362-E012-4A97-8EA4-9589D2811C3C"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4EC5B2D3-63D9-414D-92C2-4423CA525C22"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03BE8241-0A3F-48E5-9917-D22CC187F650"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC898854-88D0-44F7-A742-30956E99F879"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69CBF74D-A845-4461-8673-B3616339BD23"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74F3472D-158E-439A-BBAA-9DB8677C97B9"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "197A8FDC-2474-4FB8-80E1-10A898D4CDCD"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "395EC051-76D6-43AA-822D-4E3A65A714EC"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC0F2A72-FF54-4CB6-8456-35AC90945720"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DEA7EADB-82F1-4A28-8AF8-17F6BCFD4E23"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72AE1516-6085-4505-93EF-AFC8B7FEB357"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07C509BE-1B02-441E-9CA2-E568B39976DB"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "856C2298-D9AB-4947-B7A2-5457F7BA3BDB"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F91FDFE-D9F0-4839-B5A5-4F6400F2880A"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FB6C008-CC5D-4EBF-A2DF-688840C45FEE"
},
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5EB2F4E7-FC71-4DB5-BDC4-9069E20C5C9F"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:*:-:lts:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3237496-CE94-4CDC-B88A-F6C04F0063EC",
"versionEndIncluding": "6.3"
}
],
"operator": "OR"
}
]
}
]