Lucene search

RedhatCVE-2011-3199

HistoryMar 21, 2014 - 4:38 a.m.

CVE-2011-3199

2014-03-2104:38:53

CWE-79

redhat

web.nvd.nist.gov

cve-2011-3199

cross-site scripting

xss

domain technologie control

dtc

remote authenticated users

html injection

web script injection

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

48.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Domain Technologie Control (DTC) before 0.34.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) message body of a support ticket or unspecified vectors to the (2) DNS and (3) MX form, as demonstrated by the “Domain root TXT record:” field.

Affected configurations

Nvd

Node

gplhostdomain_technologie_controlRange≤0.32.11

gplhostdomain_technologie_controlMatch0.24.6

gplhostdomain_technologie_controlMatch0.25.1

gplhostdomain_technologie_controlMatch0.25.2

gplhostdomain_technologie_controlMatch0.25.3

gplhostdomain_technologie_controlMatch0.26.7

gplhostdomain_technologie_controlMatch0.26.8

gplhostdomain_technologie_controlMatch0.26.9

gplhostdomain_technologie_controlMatch0.27.3

gplhostdomain_technologie_controlMatch0.28.2

gplhostdomain_technologie_controlMatch0.28.3

gplhostdomain_technologie_controlMatch0.28.4

gplhostdomain_technologie_controlMatch0.28.6

gplhostdomain_technologie_controlMatch0.28.9

gplhostdomain_technologie_controlMatch0.28.10

gplhostdomain_technologie_controlMatch0.29.1

gplhostdomain_technologie_controlMatch0.29.6

gplhostdomain_technologie_controlMatch0.29.8

gplhostdomain_technologie_controlMatch0.29.10

gplhostdomain_technologie_controlMatch0.29.14

gplhostdomain_technologie_controlMatch0.29.15

gplhostdomain_technologie_controlMatch0.29.16

gplhostdomain_technologie_controlMatch0.29.17

gplhostdomain_technologie_controlMatch0.30.6

gplhostdomain_technologie_controlMatch0.30.8

gplhostdomain_technologie_controlMatch0.30.10

gplhostdomain_technologie_controlMatch0.30.18

gplhostdomain_technologie_controlMatch0.30.20

gplhostdomain_technologie_controlMatch0.32.1

gplhostdomain_technologie_controlMatch0.32.2

gplhostdomain_technologie_controlMatch0.32.3

gplhostdomain_technologie_controlMatch0.32.4

gplhostdomain_technologie_controlMatch0.32.5

gplhostdomain_technologie_controlMatch0.32.6

gplhostdomain_technologie_controlMatch0.32.7

VendorProductVersionCPE
gplhostdomain_technologie_control*cpe:2.3:a:gplhost:domain_technologie_control:*:*:*:*:*:*:*:*
gplhostdomain_technologie_control0.24.6cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*
gplhostdomain_technologie_control0.25.1cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*
gplhostdomain_technologie_control0.25.2cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*
gplhostdomain_technologie_control0.25.3cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*
gplhostdomain_technologie_control0.26.7cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*
gplhostdomain_technologie_control0.26.8cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*
gplhostdomain_technologie_control0.26.9cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*
gplhostdomain_technologie_control0.27.3cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*
gplhostdomain_technologie_control0.28.2cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gplhost	domain_technologie_control	*	cpe:2.3:a:gplhost:domain_technologie_control::::::::
gplhost	domain_technologie_control	0.24.6	cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:::::::*
gplhost	domain_technologie_control	0.25.1	cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:::::::*
gplhost	domain_technologie_control	0.25.2	cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:::::::*
gplhost	domain_technologie_control	0.25.3	cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:::::::*
gplhost	domain_technologie_control	0.26.7	cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:::::::*
gplhost	domain_technologie_control	0.26.8	cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:::::::*
gplhost	domain_technologie_control	0.26.9	cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:::::::*
gplhost	domain_technologie_control	0.27.3	cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:::::::*
gplhost	domain_technologie_control	0.28.2	cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:::::::*