Lucene search
HistoryFeb 08, 2011 - 9:00 p.m.
CVE-2011-0909
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.022 Low
EPSS
Percentile
89.6%
Cross-site scripting (XSS) vulnerability in Vanilla Forums before 2.0.17.6 allows remote attackers to inject arbitrary web script or HTML via the p parameter to an unspecified component, a different vulnerability than CVE-2011-0526.
Affected configurations
Node
vanillaforumsvanillaRange≤2.0.17.5
ORvanillaforumsvanillaMatch2.0.9
ORvanillaforumsvanillaMatch2.0.10
ORvanillaforumsvanillaMatch2.0.11
ORvanillaforumsvanillaMatch2.0.12
ORvanillaforumsvanillaMatch2.0.13
ORvanillaforumsvanillaMatch2.0.14
ORvanillaforumsvanillaMatch2.0.15
ORvanillaforumsvanillaMatch2.0.16
ORvanillaforumsvanillaMatch2.0.17
ORvanillaforumsvanillaMatch2.0.17.1
ORvanillaforumsvanillaMatch2.0.17.2
ORvanillaforumsvanillaMatch2.0.17.3
ORvanillaforumsvanillaMatch2.0.17.4
Related
cvelist
cvelist
cve
cve
prion
prion
Cross site scripting
2011-02-08 21:00:00
Cross site scripting
2011-02-08 21:00:00
Open redirect
2011-02-08 21:00:00
nvd
nvd
CVE-2011-0526
2011-02-08 21:00:01
CVE-2011-0908
2011-02-08 21:00:01
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.022 Low
EPSS
Percentile
89.6%
Related for NVD:CVE-2011-0909