Lucene search

MitreCVE-2010-3266

HistoryDec 02, 2010 - 4:22 p.m.

CVE-2010-3266

2010-12-0216:22:21

CWE-79

mitre

web.nvd.nist.gov

cve-2010-3266

bugtracker.net

xss

vulnerabilities

web script

html

nvd

security issue

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.3

Confidence

High

EPSS

0.002

Percentile

59.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the pcd parameter to edit_bug.aspx, (2) the bug_id parameter to edit_comment.aspx, (3) the id parameter to edit_user_permissions2.aspx, or (4) the default_name parameter to edit_customfield.aspx. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd

Node

ifdefinedbugtracker.netRange≤3.4.4

ifdefinedbugtracker.netMatch0.91

ifdefinedbugtracker.netMatch2.4.1

ifdefinedbugtracker.netMatch2.4.2

ifdefinedbugtracker.netMatch2.4.3

ifdefinedbugtracker.netMatch2.4.4

ifdefinedbugtracker.netMatch2.4.5

ifdefinedbugtracker.netMatch2.4.6

ifdefinedbugtracker.netMatch2.4.7

ifdefinedbugtracker.netMatch2.4.8

ifdefinedbugtracker.netMatch2.5.0

ifdefinedbugtracker.netMatch2.5.1

ifdefinedbugtracker.netMatch2.5.2

ifdefinedbugtracker.netMatch2.5.3

ifdefinedbugtracker.netMatch2.5.4

ifdefinedbugtracker.netMatch2.5.5

ifdefinedbugtracker.netMatch2.5.6

ifdefinedbugtracker.netMatch2.5.7

ifdefinedbugtracker.netMatch2.5.8

ifdefinedbugtracker.netMatch2.5.9

ifdefinedbugtracker.netMatch2.6.0

ifdefinedbugtracker.netMatch2.6.1

ifdefinedbugtracker.netMatch2.6.2

ifdefinedbugtracker.netMatch2.6.3

ifdefinedbugtracker.netMatch2.6.4

ifdefinedbugtracker.netMatch2.6.5

ifdefinedbugtracker.netMatch2.6.6

ifdefinedbugtracker.netMatch2.6.7

ifdefinedbugtracker.netMatch2.6.8

ifdefinedbugtracker.netMatch2.6.9

ifdefinedbugtracker.netMatch2.7.0

ifdefinedbugtracker.netMatch2.7.1

ifdefinedbugtracker.netMatch2.7.2

ifdefinedbugtracker.netMatch2.7.3

ifdefinedbugtracker.netMatch2.7.4

ifdefinedbugtracker.netMatch2.7.5

ifdefinedbugtracker.netMatch2.7.6

ifdefinedbugtracker.netMatch2.7.7

ifdefinedbugtracker.netMatch2.7.8

ifdefinedbugtracker.netMatch2.7.9

ifdefinedbugtracker.netMatch2.8.0

ifdefinedbugtracker.netMatch2.8.1

ifdefinedbugtracker.netMatch2.8.2

ifdefinedbugtracker.netMatch2.8.3

ifdefinedbugtracker.netMatch2.8.4

ifdefinedbugtracker.netMatch2.8.5

ifdefinedbugtracker.netMatch2.8.6

ifdefinedbugtracker.netMatch2.8.7

ifdefinedbugtracker.netMatch2.8.8

ifdefinedbugtracker.netMatch2.8.9

ifdefinedbugtracker.netMatch2.9.0

ifdefinedbugtracker.netMatch2.9.1

ifdefinedbugtracker.netMatch2.9.2

ifdefinedbugtracker.netMatch2.9.3

ifdefinedbugtracker.netMatch2.9.4

ifdefinedbugtracker.netMatch2.9.5

ifdefinedbugtracker.netMatch2.9.6

ifdefinedbugtracker.netMatch2.9.7

ifdefinedbugtracker.netMatch2.9.8

ifdefinedbugtracker.netMatch2.9.9

ifdefinedbugtracker.netMatch3.0.0

ifdefinedbugtracker.netMatch3.0.1

ifdefinedbugtracker.netMatch3.0.3

ifdefinedbugtracker.netMatch3.0.4

ifdefinedbugtracker.netMatch3.0.5

ifdefinedbugtracker.netMatch3.0.6

ifdefinedbugtracker.netMatch3.0.7

ifdefinedbugtracker.netMatch3.0.8

ifdefinedbugtracker.netMatch3.0.9

ifdefinedbugtracker.netMatch3.1.0

ifdefinedbugtracker.netMatch3.1.1

ifdefinedbugtracker.netMatch3.1.2

ifdefinedbugtracker.netMatch3.1.3

ifdefinedbugtracker.netMatch3.1.4

ifdefinedbugtracker.netMatch3.1.5

ifdefinedbugtracker.netMatch3.1.6

ifdefinedbugtracker.netMatch3.1.7

ifdefinedbugtracker.netMatch3.1.8

ifdefinedbugtracker.netMatch3.1.9

ifdefinedbugtracker.netMatch3.2.0

ifdefinedbugtracker.netMatch3.3.9

ifdefinedbugtracker.netMatch3.4.0

ifdefinedbugtracker.netMatch3.4.1

ifdefinedbugtracker.netMatch3.4.2

ifdefinedbugtracker.netMatch3.4.3

VendorProductVersionCPE
ifdefinedbugtracker.net*cpe:2.3:a:ifdefined:bugtracker.net:*:*:*:*:*:*:*:*
ifdefinedbugtracker.net0.91cpe:2.3:a:ifdefined:bugtracker.net:0.91:*:*:*:*:*:*:*
ifdefinedbugtracker.net2.4.1cpe:2.3:a:ifdefined:bugtracker.net:2.4.1:*:*:*:*:*:*:*
ifdefinedbugtracker.net2.4.2cpe:2.3:a:ifdefined:bugtracker.net:2.4.2:*:*:*:*:*:*:*
ifdefinedbugtracker.net2.4.3cpe:2.3:a:ifdefined:bugtracker.net:2.4.3:*:*:*:*:*:*:*
ifdefinedbugtracker.net2.4.4cpe:2.3:a:ifdefined:bugtracker.net:2.4.4:*:*:*:*:*:*:*
ifdefinedbugtracker.net2.4.5cpe:2.3:a:ifdefined:bugtracker.net:2.4.5:*:*:*:*:*:*:*
ifdefinedbugtracker.net2.4.6cpe:2.3:a:ifdefined:bugtracker.net:2.4.6:*:*:*:*:*:*:*
ifdefinedbugtracker.net2.4.7cpe:2.3:a:ifdefined:bugtracker.net:2.4.7:*:*:*:*:*:*:*
ifdefinedbugtracker.net2.4.8cpe:2.3:a:ifdefined:bugtracker.net:2.4.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ifdefined	bugtracker.net	*	cpe:2.3:a:ifdefined:bugtracker.net::::::::
ifdefined	bugtracker.net	0.91	cpe:2.3:a:ifdefined:bugtracker.net:0.91:::::::*
ifdefined	bugtracker.net	2.4.1	cpe:2.3:a:ifdefined:bugtracker.net:2.4.1:::::::*
ifdefined	bugtracker.net	2.4.2	cpe:2.3:a:ifdefined:bugtracker.net:2.4.2:::::::*
ifdefined	bugtracker.net	2.4.3	cpe:2.3:a:ifdefined:bugtracker.net:2.4.3:::::::*
ifdefined	bugtracker.net	2.4.4	cpe:2.3:a:ifdefined:bugtracker.net:2.4.4:::::::*
ifdefined	bugtracker.net	2.4.5	cpe:2.3:a:ifdefined:bugtracker.net:2.4.5:::::::*
ifdefined	bugtracker.net	2.4.6	cpe:2.3:a:ifdefined:bugtracker.net:2.4.6:::::::*
ifdefined	bugtracker.net	2.4.7	cpe:2.3:a:ifdefined:bugtracker.net:2.4.7:::::::*
ifdefined	bugtracker.net	2.4.8	cpe:2.3:a:ifdefined:bugtracker.net:2.4.8:::::::*