ID CVE-2018-15584Type cveReporter cve@mitre.orgModified 2019-04-27T20:19:00
Description
Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.
{"id": "CVE-2018-15584", "bulletinFamily": "NVD", "title": "CVE-2018-15584", "description": "Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.", "published": "2019-04-26T20:29:00", "modified": "2019-04-27T20:19:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-15584", "reporter": "cve@mitre.org", "references": ["https://github.com/gnuboard/gnuboard5/commit/b1fc952c7600b825c4b02e2789ddafdea18c8d13#diff-22d0b3c0987a60483473990fc07f1886", "https://github.com/gnuboard/gnuboard5/commit/b1fc952c7600b825c4b02e2789ddafdea18c8d13#diff-0e9aa589be0cec73df5f154aa40f5b06"], "cvelist": ["CVE-2018-15584"], "type": "cve", "lastseen": "2019-09-06T11:49:06", "history": [{"bulletin": {"affectedSoftware": [], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cvelist": ["CVE-2018-15584"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "cwe": ["CWE-79"], "description": "Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:19:48", "references": []}, "score": {"modified": "2019-05-29T18:19:48", "value": 3.4, "vector": "NONE"}}, "hash": "931227b0d52b8d1d45d888710fa0b646026eedec26d084f9eb923ede35039611", "hashmap": [{"hash": "713c71cbfcbbb73877c7cbf15bb4ae25", "key": "references"}, {"hash": "f0d47836a8fa61ed164560290a026ed5", "key": "published"}, {"hash": "f9048d548aea2a33f8c8fe44e8c9817c", "key": "cvss3"}, {"hash": "a66ed24bf004c8dbf310ef60e2347797", "key": "title"}, {"hash": "4419eb17de947d4d6b67ac07ed8d9064", "key": "cvss2"}, {"hash": "d29f0188cccdfd610a8e086396d9721f", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "996c9900fe5eebd6ae4bc202e712665f", "key": "href"}, {"hash": "85563a34d1143fe421c47d2c117fc93a", "key": "description"}, {"hash": "9de153333520bdaf79e4a12dac3ebe34", "key": "cvelist"}, {"hash": "34e69e045b64924bccf865d56b6918a2", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-15584", "id": "CVE-2018-15584", "lastseen": "2019-05-29T18:19:48", "modified": "2019-04-27T20:19:00", "objectVersion": "1.3", "published": "2019-04-26T20:29:00", "references": ["https://github.com/gnuboard/gnuboard5/commit/b1fc952c7600b825c4b02e2789ddafdea18c8d13#diff-22d0b3c0987a60483473990fc07f1886", "https://github.com/gnuboard/gnuboard5/commit/b1fc952c7600b825c4b02e2789ddafdea18c8d13#diff-0e9aa589be0cec73df5f154aa40f5b06"], "reporter": "cve@mitre.org", "title": "CVE-2018-15584", "type": "cve", "viewCount": 0}, "differentElements": ["cpe", "affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:19:48"}], "edition": 2, "hashmap": [{"key": "affectedSoftware", "hash": "d90b0ff6a1feece60884d0c0b3206e46"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "ce3710550bb397f4445b886cf8f0ad44"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "9de153333520bdaf79e4a12dac3ebe34"}, {"key": "cvss", "hash": "f74a1c24e49a5ecb0eefb5e51d4caa14"}, {"key": "cvss2", "hash": "4419eb17de947d4d6b67ac07ed8d9064"}, {"key": "cvss3", "hash": "f9048d548aea2a33f8c8fe44e8c9817c"}, {"key": "cwe", "hash": "34e69e045b64924bccf865d56b6918a2"}, {"key": "description", "hash": "85563a34d1143fe421c47d2c117fc93a"}, {"key": "href", "hash": "996c9900fe5eebd6ae4bc202e712665f"}, {"key": "modified", "hash": "d29f0188cccdfd610a8e086396d9721f"}, {"key": "published", "hash": "f0d47836a8fa61ed164560290a026ed5"}, {"key": "references", "hash": "713c71cbfcbbb73877c7cbf15bb4ae25"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "a66ed24bf004c8dbf310ef60e2347797"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "da0e43835a494b90e203c60f4bf5c5758ddfd18c6a875ba5af60bdf4ec6c12dc", "viewCount": 0, "enchantments": {"dependencies": {"references": [], "modified": "2019-09-06T11:49:06"}, "score": {"value": 3.4, "vector": "NONE", "modified": "2019-09-06T11:49:06"}, "vulnersScore": 3.4}, "objectVersion": "1.3", "cpe": ["cpe:/a:gnuboard:gnuboard5:5.1.18", "cpe:/a:gnuboard:gnuboard5:5.0.26", "cpe:/a:gnuboard:gnuboard5:5.1.9", "cpe:/a:gnuboard:gnuboard5:5.2.9.2", "cpe:/a:gnuboard:gnuboard5:5.0.23", "cpe:/a:gnuboard:gnuboard5:5.0.27", "cpe:/a:gnuboard:gnuboard5:5.1.8", "cpe:/a:gnuboard:gnuboard5:5.0.17", "cpe:/a:gnuboard:gnuboard5:5.0.34", "cpe:/a:gnuboard:gnuboard5:5.2.9.8", "cpe:/a:gnuboard:gnuboard5:5.0.30", "cpe:/a:gnuboard:gnuboard5:5.2.6", "cpe:/a:gnuboard:gnuboard5:5.3.1", "cpe:/a:gnuboard:gnuboard5:5.2.9.8.3", "cpe:/a:gnuboard:gnuboard5:5.0.2", "cpe:/a:gnuboard:gnuboard5:5.2.4", "cpe:/a:gnuboard:gnuboard5:5.0.25", "cpe:/a:gnuboard:gnuboard5:5.0.9", "cpe:/a:gnuboard:gnuboard5:5.2.9.7", "cpe:/a:gnuboard:gnuboard5:5.0.12", "cpe:/a:gnuboard:gnuboard5:5.0.8", "cpe:/a:gnuboard:gnuboard5:5.3.1.3", "cpe:/a:gnuboard:gnuboard5:5.3.0.2", "cpe:/a:gnuboard:gnuboard5:5.2.9", "cpe:/a:gnuboard:gnuboard5:5.1.19", "cpe:/a:gnuboard:gnuboard5:5.2.2", "cpe:/a:gnuboard:gnuboard5:5.0.3", "cpe:/a:gnuboard:gnuboard5:5.1.0", "cpe:/a:gnuboard:gnuboard5:5.3.0.1", "cpe:/a:gnuboard:gnuboard5:5.0.38", "cpe:/a:gnuboard:gnuboard5:5.0.16", "cpe:/a:gnuboard:gnuboard5:5.1.15", "cpe:/a:gnuboard:gnuboard5:5.0.10", "cpe:/a:gnuboard:gnuboard5:5.0.42", "cpe:/a:gnuboard:gnuboard5:5.0.14", "cpe:/a:gnuboard:gnuboard5:5.1.13", "cpe:/a:gnuboard:gnuboard5:5.1.16", "cpe:/a:gnuboard:gnuboard5:5.0.20", "cpe:/a:gnuboard:gnuboard5:5.2.9.6", "cpe:/a:gnuboard:gnuboard5:5.0.41", "cpe:/a:gnuboard:gnuboard5:5.0.39", "cpe:/a:gnuboard:gnuboard5:5.3.0.4", "cpe:/a:gnuboard:gnuboard5:5.1.2", "cpe:/a:gnuboard:gnuboard5:5.1.7", "cpe:/a:gnuboard:gnuboard5:5.2.3", "cpe:/a:gnuboard:gnuboard5:5.0.11", "cpe:/a:gnuboard:gnuboard5:5.2.9.8.1", "cpe:/a:gnuboard:gnuboard5:5.0.31", "cpe:/a:gnuboard:gnuboard5:5.2.1", "cpe:/a:gnuboard:gnuboard5:5.2.8", "cpe:/a:gnuboard:gnuboard5:5.3.0.3", "cpe:/a:gnuboard:gnuboard5:5.0.22", "cpe:/a:gnuboard:gnuboard5:5.2.0", "cpe:/a:gnuboard:gnuboard5:5.0.15", "cpe:/a:gnuboard:gnuboard5:5.0.4", "cpe:/a:gnuboard:gnuboard5:5.1.6", "cpe:/a:gnuboard:gnuboard5:5.1.5", "cpe:/a:gnuboard:gnuboard5:5.1.11", "cpe:/a:gnuboard:gnuboard5:5.2.9.5", "cpe:/a:gnuboard:gnuboard5:5.0.13", "cpe:/a:gnuboard:gnuboard5:5.0.37", "cpe:/a:gnuboard:gnuboard5:5.0.5", "cpe:/a:gnuboard:gnuboard5:5.0.24", "cpe:/a:gnuboard:gnuboard5:5.0.36", "cpe:/a:gnuboard:gnuboard5:5.2.9.3", "cpe:/a:gnuboard:gnuboard5:5.1.14", "cpe:/a:gnuboard:gnuboard5:5.0.33", "cpe:/a:gnuboard:gnuboard5:5.0.28", "cpe:/a:gnuboard:gnuboard5:5.1.1", "cpe:/a:gnuboard:gnuboard5:5.2.5", "cpe:/a:gnuboard:gnuboard5:5.0.35", "cpe:/a:gnuboard:gnuboard5:5.1.4", "cpe:/a:gnuboard:gnuboard5:5.0.32", "cpe:/a:gnuboard:gnuboard5:5.0.29", "cpe:/a:gnuboard:gnuboard5:5.1.10", "cpe:/a:gnuboard:gnuboard5:5.0.21", "cpe:/a:gnuboard:gnuboard5:5.0.18", "cpe:/a:gnuboard:gnuboard5:5.1.3", "cpe:/a:gnuboard:gnuboard5:5.3", "cpe:/a:gnuboard:gnuboard5:5.0.1", "cpe:/a:gnuboard:gnuboard5:5.3.1.2", "cpe:/a:gnuboard:gnuboard5:5.3.1.4", "cpe:/a:gnuboard:gnuboard5:5.1.12", "cpe:/a:gnuboard:gnuboard5:5.2.9.8.4", "cpe:/a:gnuboard:gnuboard5:5.1.17"], "affectedSoftware": [{"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.4"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.11"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.35"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.16"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.9.8"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.14"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.37"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.3"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.20"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.41"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.17"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.1"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.42"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.9.6"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.6"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.28"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.3.0.1"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.3"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.23"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.38"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.9"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.0"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.8"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.8"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.39"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.17"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.3"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.3.1.4"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.1"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.5"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.22"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.3.1.3"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.10"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.9.8.4"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.6"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.9"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.5"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.9"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.9.5"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.1"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.9.8.1"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.12"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.8"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.14"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.7"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.2"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.29"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.36"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.26"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.13"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.2"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.9.8.3"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.4"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.32"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.4"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.18"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.12"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.3.0.3"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.18"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.25"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.24"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.21"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.9.7"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.3.0.4"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.31"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.0"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.10"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.3.0.2"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.34"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.15"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.3"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.27"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.3.1.2"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.11"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.15"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.9.3"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.3.1"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.30"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.5"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.2.9.2"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.1.19"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.33"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.16"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.13"}, {"name": "gnuboard gnuboard5", "operator": "eq", "version": "5.0.2"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "cpe23": [], "cwe": ["CWE-79"], "scheme": null}
{}
