Lucene search
HistoryJun 18, 2015 - 6:59 p.m.
CVE-2015-4661
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.7%
Cross-site scripting (XSS) vulnerability in Symphony CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the sort parameter to system/authors.
Affected configurations
Node
getsymphonysymphonyRange≤2.6.2
Related
cvelist
cvelist
CVE-2015-4661
2015-06-18 18:00:00
prion
prion
Cross site scripting
2015-06-18 18:59:00
cve
cve
CVE-2015-4661
2015-06-18 18:59:13
packetstorm
packetstorm
Symphony CMS 2.6.2 Cross Site Scripting
2015-06-07 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2017-07-27 18:17:41
checkpoint_advisories
checkpoint_advisories
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.7%
Related for NVD:CVE-2015-4661