Lucene search

[email protected]CVE-2013-2309

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2013-2309

2022-10-0316:15:01

CWE-79

[email protected]

web.nvd.nist.gov

cve-2013-2309

cross-site scripting

xss

openpne

remote code injection

html injection

security vulnerability

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

50.5%

JSON

Cross-site scripting (XSS) vulnerability in the management screen in OpenPNE 3.4.x before 3.4.21.1, 3.6.x before 3.6.9.1, and 3.8.x before 3.8.5.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving the “mobile version color scheme.”

Affected configurations

NVD

Node

tejimayaopenpneMatch3.4rc1

tejimayaopenpneMatch3.4.0

tejimayaopenpneMatch3.4.0.1

tejimayaopenpneMatch3.4.1

tejimayaopenpneMatch3.4.1.1

tejimayaopenpneMatch3.4.2

tejimayaopenpneMatch3.4.3

tejimayaopenpneMatch3.4.4

tejimayaopenpneMatch3.4.4.1

tejimayaopenpneMatch3.4.5

tejimayaopenpneMatch3.4.6

tejimayaopenpneMatch3.4.6.1

tejimayaopenpneMatch3.4.6.2

tejimayaopenpneMatch3.4.7

tejimayaopenpneMatch3.4.8

tejimayaopenpneMatch3.4.9

tejimayaopenpneMatch3.4.9.1

tejimayaopenpneMatch3.4.9.2

tejimayaopenpneMatch3.4.10

tejimayaopenpneMatch3.4.11

tejimayaopenpneMatch3.4.11.1

tejimayaopenpneMatch3.4.12

tejimayaopenpneMatch3.4.12.1

tejimayaopenpneMatch3.4.13

tejimayaopenpneMatch3.4.14

tejimayaopenpneMatch3.4.14.1

tejimayaopenpneMatch3.4.15

tejimayaopenpneMatch3.4.15.1

tejimayaopenpneMatch3.4.16

tejimayaopenpneMatch3.4.17

tejimayaopenpneMatch3.4.18

tejimayaopenpneMatch3.4.19

tejimayaopenpneMatch3.4.21

tejimayaopenpneMatch3.4b

Node

tejimayaopenpneMatch3.6.0

tejimayaopenpneMatch3.6.1

tejimayaopenpneMatch3.6.2

tejimayaopenpneMatch3.6.3

tejimayaopenpneMatch3.6.4

tejimayaopenpneMatch3.6.5

tejimayaopenpneMatch3.6.6

tejimayaopenpneMatch3.6.7

tejimayaopenpneMatch3.6.8

tejimayaopenpneMatch3.6.9

Node

tejimayaopenpneMatch3.8.0

tejimayaopenpneMatch3.8.1

tejimayaopenpneMatch3.8.2

tejimayaopenpneMatch3.8.3

tejimayaopenpneMatch3.8.4

tejimayaopenpneMatch3.8.5

tejimayaopenpneMatch3.8.6

CPENameOperatorVersion
tejimaya:openpnetejimaya openpneeq3.4
tejimaya:openpnetejimaya openpneeq3.4.0
tejimaya:openpnetejimaya openpneeq3.4.0.1
tejimaya:openpnetejimaya openpneeq3.4.1
tejimaya:openpnetejimaya openpneeq3.4.1.1
tejimaya:openpnetejimaya openpneeq3.4.2
tejimaya:openpnetejimaya openpneeq3.4.3
tejimaya:openpnetejimaya openpneeq3.4.4
tejimaya:openpnetejimaya openpneeq3.4.4.1
tejimaya:openpnetejimaya openpneeq3.4.5

CPE	Name	Operator	Version
tejimaya:openpne	tejimaya openpne	eq	3.4
tejimaya:openpne	tejimaya openpne	eq	3.4.0
tejimaya:openpne	tejimaya openpne	eq	3.4.0.1
tejimaya:openpne	tejimaya openpne	eq	3.4.1
tejimaya:openpne	tejimaya openpne	eq	3.4.1.1
tejimaya:openpne	tejimaya openpne	eq	3.4.2
tejimaya:openpne	tejimaya openpne	eq	3.4.3
tejimaya:openpne	tejimaya openpne	eq	3.4.4
tejimaya:openpne	tejimaya openpne	eq	3.4.4.1
tejimaya:openpne	tejimaya openpne	eq	3.4.5