Lucene search
MitreCVE-2010-0349HistoryJan 15, 2010 - 8:30 p.m.
CVE-2010-0349
2010-01-1520:30:00
CWE-79
mitre
web.nvd.nist.gov
35
cve-2010-0349
cross-site scripting
xss vulnerability
c3 corp
webcalenderc3
remote attackers
web script
html
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.003
Percentile
65.5%
Cross-site scripting (XSS) vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: this issue could not be reproduced by the vendor, but a patch was provided anyway. The original researcher is reliable.
Affected configurations
Node
c-3.co.jpwebcalenderc3Range≤0.32
ORc-3.co.jpwebcalenderc3Match0.31
ORc-3.co.jpwebcalenderc3Match0.31s2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| c-3.co.jp | webcalenderc3 | * | cpe:2.3:a:c-3.co.jp:webcalenderc3:*:*:*:*:*:*:*:* |
| c-3.co.jp | webcalenderc3 | 0.31 | cpe:2.3:a:c-3.co.jp:webcalenderc3:0.31:*:*:*:*:*:*:* |
| c-3.co.jp | webcalenderc3 | 0.31 | cpe:2.3:a:c-3.co.jp:webcalenderc3:0.31:s2:*:*:*:*:*:* |
Related
jvn
jvn
JVN#33977065 WebCalenderC3 cross-site scripting vulnerability
2010-01-12 00:00:00
prion
prion
Cross site scripting
2010-01-15 20:30:00
nvd
nvd
CVE-2010-0349
2010-01-15 20:30:00
cvelist
cvelist
CVE-2010-0349
2010-01-15 20:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.003
Percentile
65.5%
Related for CVE-2010-0349