Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2011-2477

Опубликовано: 14 июн. 2011
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 2.6

Описание

Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in Icinga before 1.4.1, when escape_html_tags is disabled, allow remote attackers to inject arbitrary web script or HTML via a JavaScript expression, as demonstrated by the onload attribute of a BODY element located after a check-host-alive! sequence, a different vulnerability than CVE-2011-2179.

РелизСтатусПримечание
devel

not-affected

1.4.1-1
hardy

DNE

lucid

DNE

maverick

ignored

end of life
natty

ignored

end of life
oneiric

not-affected

1.4.1-1
precise

not-affected

1.4.1-1
quantal

not-affected

1.4.1-1
upstream

released

1.4.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 49%
0.00263
Низкий

2.6 Low

CVSS2

Связанные уязвимости

nvd логотип

CVE-2011-2477

nvd
больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in Icinga before 1.4.1, when escape_html_tags is disabled, allow remote attackers to inject arbitrary web script or HTML via a JavaScript expression, as demonstrated by the onload attribute of a BODY element located after a check-host-alive! sequence, a different vulnerability than CVE-2011-2179.

debian логотип

CVE-2011-2477

debian
больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in config.c in con ...

github логотип

GHSA-fq47-mp9r-q7w9

github
больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in Icinga before 1.4.1, when escape_html_tags is disabled, allow remote attackers to inject arbitrary web script or HTML via a JavaScript expression, as demonstrated by the onload attribute of a BODY element located after a check-host-alive! sequence, a different vulnerability than CVE-2011-2179.

EPSS

Процентиль: 49%
0.00263
Низкий

2.6 Low

CVSS2