Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2011-4172
cve-2011-4172
xss
web security
kent-web web forum
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.0%
Multiple cross-site scripting (XSS) vulnerabilities in KENT-WEB WEB FORUM before 5.1 allow remote attackers to inject arbitrary web script or HTML via (1) an e-mail address field or (2) a cookie, a related issue to CVE-2011-3383, CVE-2011-3983, and CVE-2011-3984.
Affected configurations
Node
kent-webweb_forumRange≤5.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| kent-web:web_forum | kent-web web forum | le | 5.1 |
References
Related
prion
prion
Cross site scripting
2011-10-24 18:55:00
Cross site scripting
2011-10-24 17:55:00
Cross site scripting
2011-10-24 17:55:00
cvelist
cvelist
nvd
nvd
cve
cve
jvn
jvn
JVN#36684331: WEB FORUM vulnerable to cross-site scripting
2011-10-11 00:00:00
JVN#80971236: WEB FORUM vulnerable to cross-site scripting
2011-10-11 00:00:00
JVN#89764731: WEB FORUM vulnerable to cross-site scripting
2011-10-11 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.0%
Related for CVE-2011-4172