Lucene search

[email protected]NVD:CVE-2011-4751

HistoryDec 16, 2011 - 11:55 a.m.

CVE-2011-4751

2011-12-1611:55:11

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.002

Percentile

64.8%

JSON

SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a “cross-domain Referer leakage” issue.

Affected configurations

Nvd

Node

smartertoolssmarterstatsMatch6.2.4100

VendorProductVersionCPE
smartertoolssmarterstats6.2.4100cpe:2.3:a:smartertools:smarterstats:6.2.4100:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
smartertools	smarterstats	6.2.4100	cpe:2.3:a:smartertools:smarterstats:6.2.4100:::::::*

References

xss.cx/examples/exploits/stored-reflected-xss-cwe79-smarterstats624100.html

exchange.xforce.ibmcloud.com/vulnerabilities/72203

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.002

Percentile

64.8%

JSON

Related for NVD:CVE-2011-4751

prion1 cvelist1 cve1 openvas1