Lucene search

[email protected]CVE-2008-6346

HistoryOct 03, 2022 - 4:13 p.m.

CVE-2008-6346

2022-10-0316:13:48

CWE-79

[email protected]

web.nvd.nist.gov

cve

2008

6346

cross-site scripting

xss

vulnerability

dr wiki

typo3

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.1%

JSON

Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

dennis_royerdr_wikiRange≤1.7.1

dennis_royerdr_wikiMatch0.4

dennis_royerdr_wikiMatch0.5

dennis_royerdr_wikiMatch0.5.1

dennis_royerdr_wikiMatch0.5.2

dennis_royerdr_wikiMatch0.6

dennis_royerdr_wikiMatch0.6.1

dennis_royerdr_wikiMatch0.6.2

dennis_royerdr_wikiMatch0.7

dennis_royerdr_wikiMatch0.7.1

dennis_royerdr_wikiMatch0.7.2

dennis_royerdr_wikiMatch0.8

dennis_royerdr_wikiMatch0.8.1

dennis_royerdr_wikiMatch0.9

dennis_royerdr_wikiMatch0.9.1

dennis_royerdr_wikiMatch1.0.0

dennis_royerdr_wikiMatch1.0.1

dennis_royerdr_wikiMatch1.0.2

dennis_royerdr_wikiMatch1.1

dennis_royerdr_wikiMatch1.2

dennis_royerdr_wikiMatch1.3

dennis_royerdr_wikiMatch1.4.0

dennis_royerdr_wikiMatch1.4.1

dennis_royerdr_wikiMatch1.4.2

dennis_royerdr_wikiMatch1.4.3

dennis_royerdr_wikiMatch1.4.4

dennis_royerdr_wikiMatch1.4.5

dennis_royerdr_wikiMatch1.5.0

dennis_royerdr_wikiMatch1.5.1

dennis_royerdr_wikiMatch1.5.2

dennis_royerdr_wikiMatch1.5.3

dennis_royerdr_wikiMatch1.5.4

dennis_royerdr_wikiMatch1.5.5

dennis_royerdr_wikiMatch1.5.6

dennis_royerdr_wikiMatch1.6.0

dennis_royerdr_wikiMatch1.7.0

AND

typo3typo3

CPENameOperatorVersion
dennis_royer:dr_wikidennis royer dr wikile1.7.1
dennis_royer:dr_wikidennis royer dr wikieq0.4
dennis_royer:dr_wikidennis royer dr wikieq0.5
dennis_royer:dr_wikidennis royer dr wikieq0.5.1
dennis_royer:dr_wikidennis royer dr wikieq0.5.2
dennis_royer:dr_wikidennis royer dr wikieq0.6
dennis_royer:dr_wikidennis royer dr wikieq0.6.1
dennis_royer:dr_wikidennis royer dr wikieq0.6.2
dennis_royer:dr_wikidennis royer dr wikieq0.7
dennis_royer:dr_wikidennis royer dr wikieq0.7.1

CPE	Name	Operator	Version
dennis_royer:dr_wiki	dennis royer dr wiki	le	1.7.1
dennis_royer:dr_wiki	dennis royer dr wiki	eq	0.4
dennis_royer:dr_wiki	dennis royer dr wiki	eq	0.5
dennis_royer:dr_wiki	dennis royer dr wiki	eq	0.5.1
dennis_royer:dr_wiki	dennis royer dr wiki	eq	0.5.2
dennis_royer:dr_wiki	dennis royer dr wiki	eq	0.6
dennis_royer:dr_wiki	dennis royer dr wiki	eq	0.6.1
dennis_royer:dr_wiki	dennis royer dr wiki	eq	0.6.2
dennis_royer:dr_wiki	dennis royer dr wiki	eq	0.7
dennis_royer:dr_wiki	dennis royer dr wiki	eq	0.7.1

Rows per page:

1-10 of 361

References

secunia.com/advisories/33256

typo3.org/teams/security/security-bulletins/typo3-20081222-3/

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.1%

JSON

Related for CVE-2008-6346

prion1 nvd1 cvelist1