CVE-2013-1466

Published Feb 5, 2014
Last updated 7 years ago
CVSS info 4.3
Overview

Description: Multiple cross-site scripting (XSS) vulnerabilities in glFusion before 1.2.2.pl4 allow remote attackers to inject arbitrary web script or HTML via the (1) subject parameter to profiles.php; (2) address1, (3) address2, (4) calendar_type, (5) city, (6) state, (7) title, (8) url, or (9) zipcode parameter to calendar/index.php; (10) title or (11) url parameter to links/index.php; or (12) PATH_INFO to admin/plugins/mediagallery/xppubwiz.php/.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD92F979-758E-48EB-B6D7-F838531F7E16",
            "versionEndIncluding": "1.2.2.pl3"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "798B4747-978F-46D2-8EF1-76D8BC0872F2"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.0.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3D0B5AC-35D8-4900-B2F8-95D661E880CF"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.0.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FE6694E-7ED1-45F4-94D7-D5CD9AA6D801"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D711131E-314B-4BBE-9E6F-973C154694B4"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0A24202-EB12-4428-A327-97504EB460B6"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D80EE971-44CA-478F-88CB-A13CBDD628CF"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51D13EE5-3B44-4AB3-86CD-01E9488DFBF4"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6941B9D9-5EA0-4954-89E8-350B4EE8E35A"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "028947C2-71A3-4FBF-BBCD-BA7CF0098E96"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E7BB830-42C3-4A2A-AF2B-283669BE5A3F"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D786A2AB-45C0-49B5-9F0D-97FCCC57BF06"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.4.pl1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76A78CD4-81C7-43D0-AF55-70D6764CB28B"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.4.pl2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "549C3BC2-63D2-42FA-8984-EB128307207E"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.4.pl3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19B08E87-DCB7-4C2C-BDF8-668662B6EE58"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.4.pl4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7F545F2-284A-4408-B14B-B1465E176EBB"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32A9987A-0F8E-4C39-8E97-ED3AD9406DD1"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.5.pl1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FE0FE37-5B63-4223-96C6-29BE6E4E2A38"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.5.pl2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C1674FB-3745-4BF7-B5F3-31A4CB215FA7"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.5.pl3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BB7FC4C-DB19-4481-85F5-BC5D5350F763"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A06C07C1-B8E4-4D97-8FD3-17F2B06F2D4F"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.6.pl1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9593FFEB-AD09-41EC-950D-5031C7C0AD5B"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.6.pl2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD289399-93D2-4CA9-8F47-9CE988C01EF6"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.6.pl3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6529D3F-8BF1-4786-8A2A-EEA5333EF6BA"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.6.pl4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB63EE52-AC26-4EEF-B1A9-7646B775A047"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6EA0CD3-E34F-49B0-BE66-C1E8FBAE3BA2"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "082CF717-6FA4-4D22-9B76-AF5B93D8560D"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.8.pl1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "121594F2-E714-4E49-AAF4-7514F1B87646"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.8.pl2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7841881-DAE5-46A1-AFC5-5FD39F562BEA"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.8.pl3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90AB990C-8001-4806-A738-4A64590C6C56"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.8.pl4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA21F45F-6E49-4318-99BE-DFB1558B8B4D"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.8.pl5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "059CD172-ADE1-4FCB-8D84-298BA42619A7"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.1.8.pl6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F870B42-E57D-4F60-A23E-06F047BCB4B1"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "690C9C93-BB9F-47A5-9A35-B74A6880EAA6"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.2.0.pl1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9249610A-71BB-48A2-BCCD-C1E29F3AD0B3"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.2.0.pl2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "746D9173-90F4-4E82-B6D3-7C21A87FE2FC"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.2.0.pl3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD719B97-ED18-40A9-A3A5-81078F262F8B"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.2.0.pl4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAAE38F5-BB94-442D-8705-DE4E90F9157F"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.2.0.pl5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87ED44C1-8CEE-4B19-90D2-0DE6C84C5CB0"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.2.0.pl6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9032E4DB-C006-4518-89C0-3A2308E1E377"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.2.0.pl7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8614BDE0-BF9C-4E76-B2B2-76816D615697"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "149A1A90-65A5-4BF1-A2A6-C5915E0A834B"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.2.2.pl1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA5F3981-D478-4D94-8925-C3E7C97F25BF"
          },
          {
            "criteria": "cpe:2.3:a:glfusion:glfusion:1.2.2.pl2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C85324AE-C3BE-4864-8212-E2823AFA6E2F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
