Lucene search

Ubuntu.comUB:CVE-2015-8755

HistoryJan 08, 2016 - 12:00 a.m.

CVE-2015-8755

2016-01-0800:00:00

ubuntu.com

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

36.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend
components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote
authenticated editors to inject arbitrary web script or HTML via unknown
vectors.

References

typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/

www.securitytracker.com/id/1034483

launchpad.net/bugs/cve/CVE-2015-8755

nvd.nist.gov/vuln/detail/CVE-2015-8755

security-tracker.debian.org/tracker/CVE-2015-8755

www.cve.org/CVERecord?id=CVE-2015-8755

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

36.5%

JSON

Related for UB:CVE-2015-8755