CVE-2014-3949
Published Jun 4, 2014
Last updated 10 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in the layout wizard in the Grid Elements (gridelements) extension before 1.5.1 and 2.0.x before 2.0.3 for TYPO3 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93D2F82D-F866-4E01-B5CB-97F6ABA52F38",
"versionEndIncluding": "1.5.0"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:0.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09111685-4297-4F93-8052-318D4FD5E808"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:0.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17FDD00C-90C5-4EA2-8B72-01C9C0B95459"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:0.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13A405A9-5066-4B4B-AED6-B4734D46FDA8"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:0.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86549BF1-84EE-49DA-AD84-567B5CB5F0D2"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:0.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0AF66FBF-FEF1-4190-BAA9-A31E6D5809F7"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F92AB4BD-CC6B-46C8-8621-C2F8467B9442"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F07B3379-173D-4135-94B3-6A1B932E4E26"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B09F6A98-35CD-4A2A-A6B5-90B177921561"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1383A3D6-2643-4EA2-B326-438BB38C12B6"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C145E2A0-04BA-4BEB-A50E-4041D0D4AEF2"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B8E5264-5E3A-45D5-8E35-26EA6BDBA06E"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19BB9EAE-C9A1-41EA-A06D-2B5FB75DB37E"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05ABCCE1-C176-49F0-AE28-4A318B90C64B"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07DCEDC1-1058-4281-A9C9-5B8E8170E932"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "354E43A6-9190-4C6E-A757-BAE006652834"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5366D77-F6E3-4127-A006-C29D98B80103"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65522EE6-A402-4CAC-B260-4E6D26D838CB"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1E45A7A-90A0-40F2-8684-C2F5A010DB81"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "77C69307-17E4-4B93-8B3C-9DB8FF4D7E20"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "595323ED-9C0A-4B3E-8ECB-F5327278FC63"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A392163-529B-49FA-B8D5-9037ABDED2A8"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1BB3339C-1081-4822-BE24-49E84991624F"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BEC7DB2-FE6F-4B41-BA3F-7B482ADF22C1"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0985C30-036E-4915-BBFF-7146958C986F"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.3.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4C626CA-19BF-4BAF-B6BC-B5B70B01CA05"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB3E1B7D-2008-4226-A5A1-A3FBCD39D863"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:1.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A669183-F816-4A0A-BD99-15B8E7080408"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:typo3:typo3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E66C5ABA-7727-4562-A792-5E450098D520"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:2.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE227017-1C49-48BC-B221-C6952D94317E"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3EC06E3-5DC2-4E11-BF26-52024323BE32"
},
{
"criteria": "cpe:2.3:a:jo_hasenau:gridelements:2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D9CD0BE-74DA-4112-A47F-B41E1E0325E6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:typo3:typo3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E66C5ABA-7727-4562-A792-5E450098D520"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]