Lucene search

K
cve[email protected]CVE-2011-2510
HistoryJul 14, 2011 - 11:55 p.m.

CVE-2011-2510

2011-07-1423:55:05
CWE-79
web.nvd.nist.gov
25
cve-2011-2510
cross-site scripting
xss
dokuwiki
rincewind
vulnerability
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.4 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.5%

Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link.

Affected configurations

NVD
Node
dokuwikidokuwikiRange2010-11-07a
OR
dokuwikidokuwikiMatch2005-07-01
OR
dokuwikidokuwikiMatch2005-07-13
OR
dokuwikidokuwikiMatch2005-09-19
OR
dokuwikidokuwikiMatch2005-09-22
OR
dokuwikidokuwikiMatch2006-03-05
OR
dokuwikidokuwikiMatch2006-03-09
OR
dokuwikidokuwikiMatch2006-11-06
OR
dokuwikidokuwikiMatch2007-06-26
OR
dokuwikidokuwikiMatch2008-05-05
OR
dokuwikidokuwikiMatch2009-02-14b
OR
dokuwikidokuwikiMatch2009-12-25c

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.4 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.5%