Lucene search
HistoryMar 31, 2015 - 10:59 a.m.
CVE-2015-0900
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.002
Percentile
60.1%
Cross-site scripting (XSS) vulnerability in schedule.cgi in Nishishi Factory Fumy Teacher’s Schedule Board 1.10 through 2.21 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Affected configurations
Node
nishishifumy_teachers_schedule_boardMatch1.10
ORnishishifumy_teachers_schedule_boardMatch2.00
ORnishishifumy_teachers_schedule_boardMatch2.10
ORnishishifumy_teachers_schedule_boardMatch2.20
ORnishishifumy_teachers_schedule_boardMatch2.21
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nishishi | fumy_teachers_schedule_board | 1.10 | cpe:2.3:a:nishishi:fumy_teachers_schedule_board:1.10:*:*:*:*:*:*:* |
| nishishi | fumy_teachers_schedule_board | 2.00 | cpe:2.3:a:nishishi:fumy_teachers_schedule_board:2.00:*:*:*:*:*:*:* |
| nishishi | fumy_teachers_schedule_board | 2.10 | cpe:2.3:a:nishishi:fumy_teachers_schedule_board:2.10:*:*:*:*:*:*:* |
| nishishi | fumy_teachers_schedule_board | 2.20 | cpe:2.3:a:nishishi:fumy_teachers_schedule_board:2.20:*:*:*:*:*:*:* |
| nishishi | fumy_teachers_schedule_board | 2.21 | cpe:2.3:a:nishishi:fumy_teachers_schedule_board:2.21:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2015-0900
2015-03-31 10:59:01
jvn
jvn
cvelist
cvelist
CVE-2015-0900
2015-03-31 10:00:00
prion
prion
Cross site scripting
2015-03-31 10:59:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.002
Percentile
60.1%
Related for NVD:CVE-2015-0900