Lucene search
HistoryDec 31, 2008 - 11:30 a.m.
CVE-2008-5786
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.003
Percentile
65.1%
Cross-site scripting (XSS) vulnerability in the Silva Find extension 1.1.5 and earlier in Silva 1.x before 1.6.3.2, Silva 2.0 before 2.0.12.2, and Silva 2.1 before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the fulltext parameter.
Affected configurations
Node
infraesilvaMatch1.0.2
ORinfraesilvaMatch1.0.3
ORinfraesilvaMatch1.1
ORinfraesilvaMatch1.1.1
ORinfraesilvaMatch1.1.2
ORinfraesilvaMatch1.1.4
ORinfraesilvaMatch1.1.5
ORinfraesilvaMatch1.1b1
ORinfraesilvaMatch1.1b2
ORinfraesilvaMatch1.2
ORinfraesilvaMatch1.2.1
ORinfraesilvaMatch1.2.2
ORinfraesilvaMatch1.2.3
ORinfraesilvaMatch1.2b1
ORinfraesilvaMatch1.3
ORinfraesilvaMatch1.3b3
ORinfraesilvaMatch1.4
ORinfraesilvaMatch1.4.1
ORinfraesilvaMatch1.4.2
ORinfraesilvaMatch1.4b1
ORinfraesilvaMatch1.5
ORinfraesilvaMatch1.5.2
ORinfraesilvaMatch1.5.3
ORinfraesilvaMatch1.5.4
ORinfraesilvaMatch1.5.5
ORinfraesilvaMatch1.5.6
ORinfraesilvaMatch1.5.7
ORinfraesilvaMatch1.5.8
ORinfraesilvaMatch1.5.9
ORinfraesilvaMatch1.5.10
ORinfraesilvaMatch1.5.12
ORinfraesilvaMatch1.5b1
ORinfraesilvaMatch1.6
ORinfraesilvaMatch1.6.1
ORinfraesilvaMatch1.6.2
ORinfraesilvaMatch1.6.3
ORinfraesilvaMatch1.6b3
ORinfraesilvaMatch1.6b4
ORinfraesilvaMatch2.0
ORinfraesilvaMatch2.0.1
ORinfraesilvaMatch2.0.2
ORinfraesilvaMatch2.0.3
ORinfraesilvaMatch2.0.4
ORinfraesilvaMatch2.0.5
ORinfraesilvaMatch2.0.6
ORinfraesilvaMatch2.0.7
ORinfraesilvaMatch2.0.8
ORinfraesilvaMatch2.0.9
ORinfraesilvaMatch2.0.10
ORinfraesilvaMatch2.0.12
ORinfraesilvaMatch2.0a1
ORinfraesilvaMatch2.0b1
ORinfraesilvaMatch2.1
ORinfraesilvaMatch2.1a2
ORinfraesilvaMatch2.1b1
ORinfraesilva_findRange≤1.1.5
ORinfraesilva_findMatch0.1
ORinfraesilva_findMatch0.1.1
ORinfraesilva_findMatch0.1.2
ORinfraesilva_findMatch1.0
ORinfraesilva_findMatch1.1
ORinfraesilva_findMatch1.1.1
ORinfraesilva_findMatch1.1.1.2
ORinfraesilva_findMatch1.1.1.3
ORinfraesilva_findMatch1.1.2
ORinfraesilva_findMatch1.1.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| infrae | silva | 1.0.2 | cpe:2.3:a:infrae:silva:1.0.2:*:*:*:*:*:*:* |
| infrae | silva | 1.0.3 | cpe:2.3:a:infrae:silva:1.0.3:*:*:*:*:*:*:* |
| infrae | silva | 1.1 | cpe:2.3:a:infrae:silva:1.1:*:*:*:*:*:*:* |
| infrae | silva | 1.1.1 | cpe:2.3:a:infrae:silva:1.1.1:*:*:*:*:*:*:* |
| infrae | silva | 1.1.2 | cpe:2.3:a:infrae:silva:1.1.2:*:*:*:*:*:*:* |
| infrae | silva | 1.1.4 | cpe:2.3:a:infrae:silva:1.1.4:*:*:*:*:*:*:* |
| infrae | silva | 1.1.5 | cpe:2.3:a:infrae:silva:1.1.5:*:*:*:*:*:*:* |
| infrae | silva | 1.1b1 | cpe:2.3:a:infrae:silva:1.1b1:*:*:*:*:*:*:* |
| infrae | silva | 1.1b2 | cpe:2.3:a:infrae:silva:1.1b2:*:*:*:*:*:*:* |
| infrae | silva | 1.2 | cpe:2.3:a:infrae:silva:1.2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-5786
2008-12-31 11:00:00
prion
prion
Cross site scripting
2008-12-31 11:30:00
cve
cve
CVE-2008-5786
2008-12-31 11:30:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.003
Percentile
65.1%
Related for NVD:CVE-2008-5786