Lucene search

K
cve[email protected]CVE-2011-1129
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-1129

2022-10-0316:15:11
CWE-79
web.nvd.nist.gov
24
cve-2011-1129
cross-site scripting
xss
smf
vulnerability
web script
html
nvd

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

35.1%

Cross-site scripting (XSS) vulnerability in the EditNews function in ManageNews.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, might allow remote authenticated users to inject arbitrary web script or HTML via a save_items action.

Affected configurations

NVD
Node
simplemachinessmfRange1.1.12
OR
simplemachinessmfMatch1.0
OR
simplemachinessmfMatch1.0beta4
OR
simplemachinessmfMatch1.0beta4.1
OR
simplemachinessmfMatch1.0beta5
OR
simplemachinessmfMatch1.0beta6
OR
simplemachinessmfMatch1.0rc1
OR
simplemachinessmfMatch1.0rc2
OR
simplemachinessmfMatch1.0.1
OR
simplemachinessmfMatch1.0.2
OR
simplemachinessmfMatch1.0.3
OR
simplemachinessmfMatch1.0.4
OR
simplemachinessmfMatch1.0.5
OR
simplemachinessmfMatch1.0.6
OR
simplemachinessmfMatch1.0.7
OR
simplemachinessmfMatch1.0.8
OR
simplemachinessmfMatch1.0.9
OR
simplemachinessmfMatch1.0.10
OR
simplemachinessmfMatch1.0.12
OR
simplemachinessmfMatch1.0.13
OR
simplemachinessmfMatch1.0.14
OR
simplemachinessmfMatch1.0.15
OR
simplemachinessmfMatch1.0.16
OR
simplemachinessmfMatch1.0.17
OR
simplemachinessmfMatch1.0.18
OR
simplemachinessmfMatch1.0.19
OR
simplemachinessmfMatch1.0.20
OR
simplemachinessmfMatch1.0.21
OR
simplemachinessmfMatch1.1
OR
simplemachinessmfMatch1.1beta1
OR
simplemachinessmfMatch1.1beta2
OR
simplemachinessmfMatch1.1beta3
OR
simplemachinessmfMatch1.1beta4
OR
simplemachinessmfMatch1.1rc1
OR
simplemachinessmfMatch1.1rc2
OR
simplemachinessmfMatch1.1rc3
OR
simplemachinessmfMatch1.1.1
OR
simplemachinessmfMatch1.1.2
OR
simplemachinessmfMatch1.1.3
OR
simplemachinessmfMatch1.1.4
OR
simplemachinessmfMatch1.1.5
OR
simplemachinessmfMatch1.1.6
OR
simplemachinessmfMatch1.1.7
OR
simplemachinessmfMatch1.1.8
OR
simplemachinessmfMatch1.1.9
OR
simplemachinessmfMatch1.1.10
OR
simplemachinessmfMatch1.1.11
Node
simplemachinessmfMatch2.0beta1
OR
simplemachinessmfMatch2.0beta2
OR
simplemachinessmfMatch2.0beta2.1
OR
simplemachinessmfMatch2.0beta3
OR
simplemachinessmfMatch2.0beta3.1
OR
simplemachinessmfMatch2.0beta4
OR
simplemachinessmfMatch2.0rc1
OR
simplemachinessmfMatch2.0rc2
OR
simplemachinessmfMatch2.0rc3
OR
simplemachinessmfMatch2.0rc4
VendorProductVersionCPE
simplemachinessmf1.0cpe:/a:simplemachines:smf:1.0:::
simplemachinessmf1.1.4cpe:/a:simplemachines:smf:1.1.4:::
simplemachinessmf1.0.15cpe:/a:simplemachines:smf:1.0.15:::
simplemachinessmf1.0.12cpe:/a:simplemachines:smf:1.0.12:::
simplemachinessmfcpe:/a:simplemachines:smf::::
simplemachinessmf1.1cpe:/a:simplemachines:smf:1.1:rc2::
simplemachinessmf1.0.10cpe:/a:simplemachines:smf:1.0.10:::
simplemachinessmf1.1cpe:/a:simplemachines:smf:1.1:::
simplemachinessmf1.1cpe:/a:simplemachines:smf:1.1:beta1::
simplemachinessmf1.1cpe:/a:simplemachines:smf:1.1:beta4::
Rows per page:
1-10 of 471

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

35.1%

Related for CVE-2011-1129