Lucene search

[email protected]CVE-2011-4193

HistoryApr 16, 2014 - 6:37 p.m.

CVE-2011-4193

2014-04-1618:37:11

CWE-79

[email protected]

web.nvd.nist.gov

cve-2011-4193

xss

suse studio

remote code injection

web security

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.2%

JSON

Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning.

Affected configurations

NVD

Node

susestudio_extension_for_system_zMatch1.2

susestudio_onsiteMatch1.2

CPENameOperatorVersion
suse:studio_extension_for_system_zsuse studio extension for system zeq1.2
suse:studio_onsitesuse studio onsiteeq1.2

CPE	Name	Operator	Version
suse:studio_extension_for_system_z	suse studio extension for system z	eq	1.2
suse:studio_onsite	suse studio onsite	eq	1.2

References

lists.opensuse.org/opensuse-security-announce/2011-12/msg00015.html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.2%

JSON

Related for CVE-2011-4193

prion1 nvd1 cvelist1 suse1