Lucene search
HistoryJun 09, 2014 - 7:55 p.m.
CVE-2013-3082
cve
2013
3082
cross-site scripting
xss
vulnerability
jojo
remote attackers
web script
html
forgot password
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.7%
Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter to forgot-password/.
Affected configurations
Node
jojocmsjojo-cmsRange≤1.2.1
ORjojocmsjojo-cmsMatch1.1
ORjojocmsjojo-cmsMatch1.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| jojocms:jojo-cms | jojocms jojo-cms | le | 1.2.1 |
| jojocms:jojo-cms | jojocms jojo-cms | eq | 1.1 |
| jojocms:jojo-cms | jojocms jojo-cms | eq | 1.2 |
Related
nvd
nvd
CVE-2013-3082
2014-06-09 19:55:09
cvelist
cvelist
CVE-2013-3082
2014-06-09 19:00:00
prion
prion
Cross site scripting
2014-06-09 19:55:00
htbridge
htbridge
Multiple Vulnerabilities in Jojo CMS
2013-04-17 00:00:00
openvas
openvas
Jojo CMS Multiple Vulnerabilities
2013-05-23 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.7%
Related for CVE-2013-3082