Lucene search
Japan Vulnerability NotesJVN:73331060HistoryFeb 25, 2010 - 12:00 a.m.
JVN#73331060 tDiary plugin tb-send.rb vulnerable to cross-site scripting
2010-02-2500:00:00
Japan Vulnerability Notes
jvn.jp
12
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
68.4%
tDiary is a weblog software. tDiary plugin tb-send.rb contains a cross-site scripting vulnerability.
Impact
An arbitrary script may be executed on some web browsers.
Solution
Update the Software
Update according to the information provided by the developer.
Products Affected
- tDiary 2.2.2(full set) and earlier
- tDiary 2.2.2(plugins) and earlier
The developer has confirmed that tDiary 2.3.x are not affected by this vulnerability.
Related
securityvulns
securityvulns
[SECURITY] [DSA 2009-1] New tdiary packages fix cross-site scripting
2010-03-11 00:00:00
openvas
openvas
Debian Security Advisory DSA 2009-1 (tdiary)
2010-03-16 00:00:00
tDiary 'tb-send.rb' Plugin Cross-Site Scripting Vulnerability
2010-03-10 00:00:00
tDiary 'tb-send.rb' Plugin Cross-Site Scripting Vulnerability
2010-03-10 00:00:00
cvelist
cvelist
CVE-2010-0726
2010-03-02 19:00:00
debian
debian
[SECURITY] [DSA 2009-1] New tdiary packages fix cross-site scripting
2010-03-09 21:57:06
ubuntucve
ubuntucve
CVE-2010-0726
2010-03-02 00:00:00
prion
prion
Cross site scripting
2010-03-02 19:30:00
nvd
nvd
CVE-2010-0726
2010-03-02 19:30:00
nessus
nessus
Debian DSA-2009-1 : tdiary - insufficient input sanitising
2010-03-11 00:00:00
cve
cve
CVE-2010-0726
2010-03-02 19:30:00
debiancve
debiancve
CVE-2010-0726
2010-03-02 19:30:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
68.4%
Related for JVN:73331060