CVE-2013-6047

Published Feb 25, 2014

Last updated 7 years ago

CVSS info 4.3

Overview

Description: Multiple cross-site scripting (XSS) vulnerabilities in the site creation interface in ikiwiki-hosting before 0.20131025 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D408EE7-DF05-4510-935D-890B74403190",
            "versionEndIncluding": "0.20130926"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20110401:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DACFDB0-C14C-4C93-B8EA-3DD8C47ABAD0"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20110420:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96CDD7E2-076D-4B23-91C9-6910BFEC9D98"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20110424:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF491C43-7993-452B-93BE-22EF37B668AF"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20110515:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EC8B5F3-66D0-48DE-82E5-938E97177532"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20110608:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEFFE60E-F1C0-4EA7-A107-AA4DB7D97F8B"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20110926:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "000812B1-CF10-47D9-AD60-C68A82E43E37"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20111005:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03053462-4743-41B6-B0A4-31FD8A76F9C9"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20120125:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A98CF9C-7E2D-4654-B271-59F8D0CD5D60"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20120131:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60B8CDFA-E043-41E8-8335-2ADCB2D96E8C"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20120425:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFBF88DE-4A06-475F-BF22-D85429147B25"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20120526:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5078AF55-4CCE-4D35-86CA-680D955DE654"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20120527:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "353523BD-5654-4A71-84CF-FC34E543FD4B"
          },
          {
            "criteria": "cpe:2.3:a:ikiwiki_hosting_project:ikiwiki_hosting:0.20130504:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37F1B932-E010-4F7E-80AB-5C48ECC6DA58"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References