Lucene search
HistoryOct 24, 2011 - 6:55 p.m.
CVE-2011-4172
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.0%
Multiple cross-site scripting (XSS) vulnerabilities in KENT-WEB WEB FORUM before 5.1 allow remote attackers to inject arbitrary web script or HTML via (1) an e-mail address field or (2) a cookie, a related issue to CVE-2011-3383, CVE-2011-3983, and CVE-2011-3984.
Affected configurations
Node
kent-webweb_forumRange≤5.1
References
Related
cve
cve
prion
prion
Cross site scripting
2011-10-24 18:55:00
Cross site scripting
2011-10-24 17:55:00
Cross site scripting
2011-10-24 17:55:00
cvelist
cvelist
nvd
nvd
jvn
jvn
JVN#36684331: WEB FORUM vulnerable to cross-site scripting
2011-10-11 00:00:00
JVN#89764731: WEB FORUM vulnerable to cross-site scripting
2011-10-11 00:00:00
JVN#80971236: WEB FORUM vulnerable to cross-site scripting
2011-10-11 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.0%
Related for NVD:CVE-2011-4172