CVE-2011-3595

Опубликовано: 22 янв. 2020

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters.

Ссылки

http://yehg.net/lab/pr0js/advisories/joomla/core/%5Bjoomla_1.7.0-stable%5D_cross_site_scripting%28XSS%29
Exploit
Third Party Advisory
https://www.openwall.com/lists/oss-security/2011/10/04/7
Exploit
Mailing List
Third Party Advisory
https://www.rapid7.com/db/vulnerabilities/joomla-20110902-core-xss-vulnerability
Third Party Advisory
http://yehg.net/lab/pr0js/advisories/joomla/core/%5Bjoomla_1.7.0-stable%5D_cross_site_scripting%28XSS%29
Exploit
Third Party Advisory
https://www.openwall.com/lists/oss-security/2011/10/04/7
Exploit
Mailing List
Third Party Advisory
https://www.rapid7.com/db/vulnerabilities/joomla-20110902-core-xss-vulnerability
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

Версия до 1.7.0 (включая)

EPSS

Процентиль: 10%

0.00034

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-mjh4-6qqm-58m2

github

почти 4 года назад