Lucene search
Japan Vulnerability NotesJVN:08307791HistoryOct 13, 2011 - 12:00 a.m.
JVN#08307791: Plume vulnerable to cross-site scripting
2011-10-1300:00:00
Japan Vulnerability Notes
jvn.jp
19
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
EPSS
0.001
Percentile
49.0%
Plume is a Content Management System (CMS). Plume contains a cross-site scripting vulnerability.
Impact
An arbitrary script may be executed on the web browser of a user that is logged in as administrator.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- Plume versions prior to 1.2.3
Related
cve
cve
CVE-2011-3985
2011-11-09 23:55:01
nvd
nvd
CVE-2011-3985
2011-11-09 23:55:01
cvelist
cvelist
CVE-2011-3985
2011-11-09 23:00:00
prion
prion
Cross site scripting
2011-11-09 23:55:00
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
EPSS
0.001
Percentile
49.0%
Related for JVN:08307791