Lucene search

[email protected]CVE-2013-0734

HistoryMar 28, 2014 - 3:55 p.m.

CVE-2013-0734

2014-03-2815:55:08

CWE-79

[email protected]

web.nvd.nist.gov

cve

2013

0734

xss

vulnerabilities

mingle forum

wordpress

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) search_words parameter in a search action to wpf.class.php or (2) togroupusers parameter in an add_user_togroup action to fs-admin/fs-admin.php.

Affected configurations

NVD

Node

cartpaujmingle-forumRange≤1.0.33

cartpaujmingle-forumMatch1.0.00

cartpaujmingle-forumMatch1.0.01

cartpaujmingle-forumMatch1.0.02

cartpaujmingle-forumMatch1.0.03

cartpaujmingle-forumMatch1.0.04

cartpaujmingle-forumMatch1.0.05

cartpaujmingle-forumMatch1.0.06

cartpaujmingle-forumMatch1.0.07

cartpaujmingle-forumMatch1.0.08

cartpaujmingle-forumMatch1.0.09

cartpaujmingle-forumMatch1.0.10

cartpaujmingle-forumMatch1.0.11

cartpaujmingle-forumMatch1.0.12

cartpaujmingle-forumMatch1.0.13

cartpaujmingle-forumMatch1.0.14

cartpaujmingle-forumMatch1.0.15

cartpaujmingle-forumMatch1.0.16

cartpaujmingle-forumMatch1.0.17

cartpaujmingle-forumMatch1.0.18

cartpaujmingle-forumMatch1.0.19

cartpaujmingle-forumMatch1.0.20

cartpaujmingle-forumMatch1.0.21

cartpaujmingle-forumMatch1.0.21.1

cartpaujmingle-forumMatch1.0.22

cartpaujmingle-forumMatch1.0.23

cartpaujmingle-forumMatch1.0.23.1

cartpaujmingle-forumMatch1.0.23.2

cartpaujmingle-forumMatch1.0.24

cartpaujmingle-forumMatch1.0.25

cartpaujmingle-forumMatch1.0.26

cartpaujmingle-forumMatch1.0.27

cartpaujmingle-forumMatch1.0.28

cartpaujmingle-forumMatch1.0.28.1

cartpaujmingle-forumMatch1.0.28.2

cartpaujmingle-forumMatch1.0.29

cartpaujmingle-forumMatch1.0.30

cartpaujmingle-forumMatch1.0.31

cartpaujmingle-forumMatch1.0.31.1

cartpaujmingle-forumMatch1.0.31.2

cartpaujmingle-forumMatch1.0.31.3

cartpaujmingle-forumMatch1.0.31.4

cartpaujmingle-forumMatch1.0.32

cartpaujmingle-forumMatch1.0.32.1

AND

wordpresswordpressMatch-

CPENameOperatorVersion
cartpauj:mingle-forumcartpauj mingle-forumle1.0.33
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.00
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.01
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.02
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.03
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.04
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.05
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.06
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.07
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.08

CPE	Name	Operator	Version
cartpauj:mingle-forum	cartpauj mingle-forum	le	1.0.33
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.00
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.01
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.02
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.03
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.04
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.05
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.06
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.07
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.08