Lucene search

[email protected]NVD:CVE-2011-4830

HistoryDec 15, 2011 - 3:57 a.m.

CVE-2011-4830

2011-12-1503:57:34

CWE-79

[email protected]

web.nvd.nist.gov

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via the (1) listing_title, (2) description, (3) homeurl (aka Website Address), (4) paystring (aka Payment types accepted), (5) sell_price, (6) shipping_cost, and (7) quantity parameters to index.php.

Affected configurations

NVD

Node

barter-sitescom_listingMatch1.3

AND

joomlajoomla\!

References

docs.joomla.org/Vulnerable_Extensions_List#Barter_Sites_1.3

my.barter-sites.com/index.php?option=com_content&view=article&id=6&Itemid=25

www.exploit-db.com/exploits/18046

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.5%

JSON

Related for NVD:CVE-2011-4830

cvelist1 cve1 checkpoint_advisories1 prion1 openvas2