Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2011-4366 | First vendor Publication | 2017-07-21 |
Vendor | Cve | Last vendor Modification | 2023-11-07 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | Not Defined | Attack Range | Not Defined |
Cvss Impact Score | Not Defined | Attack Complexity | Not Defined |
Cvss Expoit Score | Not Defined | Authentication | Not Defined |
Calculate full CVSS 2.0 Vectors scores |
Detail
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4090. Reason: This candidate is a reservation duplicate of CVE-2011-4090. Notes: All CVE users should reference CVE-2011-4090 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4366 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
76856 | Karma Plugin for Serendipity serendipity_admin.php Multiple Parameter XSS Karma Plugin for Serendipity contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'serendipity[filter][entryid]', 'serendipity[filter][ip]', 'serendipity[filter][title]' and 'serendipity[filter][user_agent]' parameters upon submission to the serendipity_admin.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
75777 | Freetag Plugin for Serendipity serendipity_admin serendipity[tagview] Paramet... Freetag Plugin for Serendipity contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'serendipity[tagview]' parameter upon submission to the serendipity_admin script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
Alert History
Date | Informations |
---|---|
2023-11-07 21:42:34 |
|
2017-07-22 00:21:28 |
|