Lucene search

PRIOn knowledge basePRION:CVE-2011-3384

HistorySep 08, 2011 - 6:55 p.m.

Cross site scripting

2011-09-0818:55:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

39.7%

JSON

Cross-site scripting (XSS) vulnerability in the Sage add-on 1.3.10 and earlier for Firefox allows remote attackers to inject arbitrary web script or HTML via a crafted feed, a different vulnerability than CVE-2009-4102.

CPENameOperatorVersion
sagele1.3.10
sageeq1.3.8

CPE	Name	Operator	Version
	sage	le	1.3.10
	sage	eq	1.3.8

References

jvn.jp/en/jp/JVN30221194/index.html

jvndb.jvn.jp/jvndb/JVNDB-2011-000069

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

39.7%

JSON

Related for PRION:CVE-2011-3384