Lucene search

PRIOn knowledge basePRION:CVE-2010-0997

HistoryApr 20, 2010 - 4:30 p.m.

Cross site scripting

2010-04-2016:30:00

PRIOn knowledge base

www.prio-n.com

5.7 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

45.0%

JSON

Cross-site scripting (XSS) vulnerability in 107_plugins/content/content_manager.php in the Content Management plugin in e107 before 0.7.20, when the personal content manager is enabled, allows user-assisted remote authenticated users to inject arbitrary web script or HTML via the content_heading parameter.

CPENameOperatorVersion
e107eq0.7.10
e107eq0.7.7
e107eq0.7.13
e107eq0.7.4
e107eq0.7.14
e107eq0.7.5
e107eq0.7.2
e107eq0.7.11
e107eq0.7.1
e107le0.7.19

Name	Operator	Version
e107	eq	0.7.10
e107	eq	0.7.7
e107	eq	0.7.13
e107	eq	0.7.4
e107	eq	0.7.14
e107	eq	0.7.5
e107	eq	0.7.2
e107	eq	0.7.11
e107	eq	0.7.1
e107	le	0.7.19

Rows per page:

1-10 of 201

References

e107.org/comment.php?comment.news.864

e107.org/svn_changelog.php?version=0.7.20

secunia.com/advisories/39013

secunia.com/secunia_research/2010-43/

www.securityfocus.com/archive/1/510809/100/0/threaded

www.securityfocus.com/bid/39539

www.vupen.com/english/advisories/2010/0919

exchange.xforce.ibmcloud.com/vulnerabilities/57933

5.7 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

45.0%

JSON

Related for PRION:CVE-2010-0997