CVE-2014-8658

Published Nov 6, 2014

Last updated 6 years ago

CVSS info 4.0

Overview

Description: Cross-site scripting (XSS) vulnerability in RefinedWiki Original Theme 3.x before 3.5.13 and 4.x before 4.0.12 for Confluence allows remote authenticated users with permissions to create or edit content to inject arbitrary web script or HTML via the versionComment parameter to pages/doeditpage.action.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70B90D75-0231-45A2-A87D-4B4941CB5400"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.1:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "574F33B9-AB1B-445B-ADCD-66D8E5039E24"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.2:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCE7779B-21E0-4BF4-B4EA-203F6AE26478"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.3:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7D3D25F-D512-409F-8A85-272285A79423"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.4:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F9ACCB2-8FE0-4824-9B4D-48CE91E9BD53"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.5:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6119640D-0B18-4B4B-9316-A782471916C4"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.6:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEEB750F-35FF-4BC0-9203-4BA1E732FC16"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.7:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25E0DD90-C597-4AF6-8FB7-1A54016E2C61"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.8:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F220881C-B809-49A9-B9F1-0FE3EB64AE2F"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.9:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE394B25-E5A3-4AA5-B299-697D62165A08"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.10:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52A290B2-86E3-49DC-94D7-10DF22BA3C64"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.11:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCB034B0-510D-49CB-A59F-98468AE00F0F"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.12:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23889179-06A2-4C28-9DD4-15B064FFC397"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.13:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BD19E98-CF8F-4568-9D32-F78B600145B5"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77771597-4758-4686-84A4-93002559AC86"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.1:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "702ECEF9-62C5-47B5-8480-197E8508DC27"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.2:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AE6CBEA-B5AC-4249-8C29-1CC1F178759D"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.3:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADF40189-BF9E-4D03-8702-35309FD8BC1D"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.4:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D26ED02D-9679-4D07-BEF4-72CC1D162D04"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.5:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF403433-A553-49BB-95A0-D516D0958E7A"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.6:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E956C55B-402C-4C32-A775-2DAE927FE7D3"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.7:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C25ADD46-836F-400F-86B6-8527F6E5713B"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.8:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9EBF426-A3F5-4634-B48F-D0BE52969F2B"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.9:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66E21CFD-2BA6-4950-A454-52DD56BE4629"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.10:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4311F58-A0AF-41D0-ACBE-6990D6EA901D"
          },
          {
            "criteria": "cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.11:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A04F8A1B-5363-41ED-90A5-A0F6556AFBDE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References