Lucene search

MitreCVE-2013-4746

HistoryJul 01, 2013 - 11:55 p.m.

CVE-2013-4746

2013-07-0123:55:01

CWE-79

mitre

web.nvd.nist.gov

cve-2013-4746

cross-site scripting

xss

my quiz and poll

typo3

vulnerability

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

57.2%

JSON

Cross-site scripting (XSS) vulnerability in the My quiz and poll (myquizpoll) extension before 2.0.6 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

kurt_gusbethmyquizpollRange≤1.4.0

kurt_gusbethmyquizpollMatch0.1.1

kurt_gusbethmyquizpollMatch0.1.2

kurt_gusbethmyquizpollMatch0.1.3

kurt_gusbethmyquizpollMatch0.1.4

kurt_gusbethmyquizpollMatch0.1.5

kurt_gusbethmyquizpollMatch0.1.6

kurt_gusbethmyquizpollMatch0.1.7

kurt_gusbethmyquizpollMatch0.2.0

kurt_gusbethmyquizpollMatch0.2.1

kurt_gusbethmyquizpollMatch0.2.2

kurt_gusbethmyquizpollMatch0.3.0

kurt_gusbethmyquizpollMatch0.4.0

kurt_gusbethmyquizpollMatch1.0.0

kurt_gusbethmyquizpollMatch1.0.1

kurt_gusbethmyquizpollMatch1.1.0

kurt_gusbethmyquizpollMatch1.2.0

kurt_gusbethmyquizpollMatch1.3.0

AND

typo3typo3Match-

VendorProductVersionCPE
kurt_gusbethmyquizpoll*cpe:2.3:a:kurt_gusbeth:myquizpoll:*:*:*:*:*:*:*:*
kurt_gusbethmyquizpoll0.1.1cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.1:*:*:*:*:*:*:*
kurt_gusbethmyquizpoll0.1.2cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.2:*:*:*:*:*:*:*
kurt_gusbethmyquizpoll0.1.3cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.3:*:*:*:*:*:*:*
kurt_gusbethmyquizpoll0.1.4cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.4:*:*:*:*:*:*:*
kurt_gusbethmyquizpoll0.1.5cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.5:*:*:*:*:*:*:*
kurt_gusbethmyquizpoll0.1.6cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.6:*:*:*:*:*:*:*
kurt_gusbethmyquizpoll0.1.7cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.7:*:*:*:*:*:*:*
kurt_gusbethmyquizpoll0.2.0cpe:2.3:a:kurt_gusbeth:myquizpoll:0.2.0:*:*:*:*:*:*:*
kurt_gusbethmyquizpoll0.2.1cpe:2.3:a:kurt_gusbeth:myquizpoll:0.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kurt_gusbeth	myquizpoll	*	cpe:2.3:a:kurt_gusbeth:myquizpoll::::::::
kurt_gusbeth	myquizpoll	0.1.1	cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.1:::::::*
kurt_gusbeth	myquizpoll	0.1.2	cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.2:::::::*
kurt_gusbeth	myquizpoll	0.1.3	cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.3:::::::*
kurt_gusbeth	myquizpoll	0.1.4	cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.4:::::::*
kurt_gusbeth	myquizpoll	0.1.5	cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.5:::::::*
kurt_gusbeth	myquizpoll	0.1.6	cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.6:::::::*
kurt_gusbeth	myquizpoll	0.1.7	cpe:2.3:a:kurt_gusbeth:myquizpoll:0.1.7:::::::*
kurt_gusbeth	myquizpoll	0.2.0	cpe:2.3:a:kurt_gusbeth:myquizpoll:0.2.0:::::::*
kurt_gusbeth	myquizpoll	0.2.1	cpe:2.3:a:kurt_gusbeth:myquizpoll:0.2.1:::::::*

Rows per page:

1-10 of 191

References

osvdb.org/90409

typo3.org/extensions/repository/view/myquizpoll

typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-005/

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

57.2%

JSON

Related for CVE-2013-4746