Lucene search

[email protected]CVE-2011-4333

HistoryOct 23, 2017 - 6:29 p.m.

CVE-2011-4333

2017-10-2318:29:00

CWE-79

[email protected]

web.nvd.nist.gov

cve

2011

4333

xss

labwiki

vulnerabilities

web script

html

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

39.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in LabWiki 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) from parameter to index.php or the (2) page_no parameter to recentchanges.php.

Affected configurations

NVD

Node

scilicolabwikiRange≤1.1

CPENameOperatorVersion
scilico:labwikiscilico labwikile1.1

CPE	Name	Operator	Version
scilico:labwiki	scilico labwiki	le	1.1

References

www.openwall.com/lists/oss-security/2011/11/21/16

www.openwall.com/lists/oss-security/2014/02/08/5

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

39.8%

JSON

Related for CVE-2011-4333

cvelist1 nvd1 prion1