Lucene search
Japan Vulnerability NotesJVN:67540183HistoryJul 10, 2015 - 12:00 a.m.
JVN#67540183: Simple Oekaki BBS vulnerable to cross-site scripting
2015-07-1000:00:00
Japan Vulnerability Notes
jvn.jp
31
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
56.7%
Simple Oekaki BBS provided by LEMON-S PHP contains a persistent cross-site scripting (CWE-79) vulnerability due to the processing of oekakis parameter in index.php.
Impact
An arbitrary script may be executed on the user’s web browser.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- Simple Oekaki BBS versions prior to v1.21
Related
nvd
nvd
CVE-2015-2969
2015-07-10 15:59:01
cvelist
cvelist
CVE-2015-2969
2015-07-10 15:00:00
prion
prion
Cross site scripting
2015-07-10 15:59:00
cve
cve
CVE-2015-2969
2015-07-10 15:59:01
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
56.7%
Related for JVN:67540183