Lucene search

[email protected]CVE-2014-1968

HistoryFeb 27, 2014 - 1:55 a.m.

CVE-2014-1968

2014-02-2701:55:04

CWE-79

[email protected]

web.nvd.nist.gov

cve-2014-1968

cross-site scripting

xss

xoonips

xoops

web security

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.3%

JSON

Cross-site scripting (XSS) vulnerability in the XooNIps module 3.47 and earlier for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

rikenxoonipsRange≤3.47xoops

rikenxoonipsMatch3.40xoops

rikenxoonipsMatch3.41xoops

rikenxoonipsMatch3.42xoops

rikenxoonipsMatch3.43xoops

rikenxoonipsMatch3.44xoops

rikenxoonipsMatch3.45xoops

rikenxoonipsMatch3.46xoops

CPENameOperatorVersion
riken:xoonipsriken xoonipsle3.47
riken:xoonipsriken xoonipseq3.40
riken:xoonipsriken xoonipseq3.41
riken:xoonipsriken xoonipseq3.42
riken:xoonipsriken xoonipseq3.43
riken:xoonipsriken xoonipseq3.44
riken:xoonipsriken xoonipseq3.45
riken:xoonipsriken xoonipseq3.46

CPE	Name	Operator	Version
riken:xoonips	riken xoonips	le	3.47
riken:xoonips	riken xoonips	eq	3.40
riken:xoonips	riken xoonips	eq	3.41
riken:xoonips	riken xoonips	eq	3.42
riken:xoonips	riken xoonips	eq	3.43
riken:xoonips	riken xoonips	eq	3.44
riken:xoonips	riken xoonips	eq	3.45
riken:xoonips	riken xoonips	eq	3.46

References

jvn.jp/en/jp/JVN87797318/index.html

jvndb.jvn.jp/jvndb/JVNDB-2014-000025

www.securityfocus.com/bid/65807

xoonips.sourceforge.jp

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.3%

JSON

Related for CVE-2014-1968

jvn1 nvd1 prion1 cvelist1