Lucene search

[email protected]NVD:CVE-2011-5104

HistoryAug 23, 2012 - 8:55 p.m.

CVE-2011-5104

2012-08-2320:55:02

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.6%

JSON

Cross-site scripting (XSS) vulnerability in wpsc-admin/display-sales-logs.php in WP e-Commerce plugin 3.8.7.1 and possibly earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the custom_text parameter. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

getshoppedwp_e-commerceRange≤3.8.7.1

getshoppedwp_e-commerceMatch3.6.5

getshoppedwp_e-commerceMatch3.6.6

getshoppedwp_e-commerceMatch3.6.7

getshoppedwp_e-commerceMatch3.6.8

getshoppedwp_e-commerceMatch3.6.9

getshoppedwp_e-commerceMatch3.6.10

getshoppedwp_e-commerceMatch3.6.11

getshoppedwp_e-commerceMatch3.6.12

getshoppedwp_e-commerceMatch3.6.13

getshoppedwp_e-commerceMatch3.7

getshoppedwp_e-commerceMatch3.7beta2

getshoppedwp_e-commerceMatch3.7beta3

getshoppedwp_e-commerceMatch3.7.1

getshoppedwp_e-commerceMatch3.7.2

getshoppedwp_e-commerceMatch3.7.3

getshoppedwp_e-commerceMatch3.7.4

getshoppedwp_e-commerceMatch3.7.5

getshoppedwp_e-commerceMatch3.7.5beta1

getshoppedwp_e-commerceMatch3.7.5beta2

getshoppedwp_e-commerceMatch3.7.5rc1

getshoppedwp_e-commerceMatch3.7.5rc2

getshoppedwp_e-commerceMatch3.7.5rc3

getshoppedwp_e-commerceMatch3.7.5rc4

getshoppedwp_e-commerceMatch3.7.5.1

getshoppedwp_e-commerceMatch3.7.5.1beta

getshoppedwp_e-commerceMatch3.7.5.2

getshoppedwp_e-commerceMatch3.7.5.3

getshoppedwp_e-commerceMatch3.7.6

getshoppedwp_e-commerceMatch3.7.6rc1

getshoppedwp_e-commerceMatch3.7.6rc2

getshoppedwp_e-commerceMatch3.7.6rc3

getshoppedwp_e-commerceMatch3.7.6rc4

getshoppedwp_e-commerceMatch3.7.6.1

getshoppedwp_e-commerceMatch3.7.6.2

getshoppedwp_e-commerceMatch3.7.6.3

getshoppedwp_e-commerceMatch3.7.6.4

getshoppedwp_e-commerceMatch3.7.6.5

getshoppedwp_e-commerceMatch3.7.6.6

getshoppedwp_e-commerceMatch3.7.6.7

getshoppedwp_e-commerceMatch3.7.6.9

getshoppedwp_e-commerceMatch3.7.7

getshoppedwp_e-commerceMatch3.7.8

getshoppedwp_e-commerceMatch3.7.8.1

getshoppedwp_e-commerceMatch3.7.8.2

getshoppedwp_e-commerceMatch3.7.8.3

getshoppedwp_e-commerceMatch3.8

getshoppedwp_e-commerceMatch3.8beta1

getshoppedwp_e-commerceMatch3.8beta2

getshoppedwp_e-commerceMatch3.8beta3

getshoppedwp_e-commerceMatch3.8rc1

getshoppedwp_e-commerceMatch3.8rc2

getshoppedwp_e-commerceMatch3.8rc3

getshoppedwp_e-commerceMatch3.8rc4

getshoppedwp_e-commerceMatch3.8.1

getshoppedwp_e-commerceMatch3.8.2

getshoppedwp_e-commerceMatch3.8.3

getshoppedwp_e-commerceMatch3.8.4

getshoppedwp_e-commerceMatch3.8.5

getshoppedwp_e-commerceMatch3.8.6

getshoppedwp_e-commerceMatch3.8.6.1

getshoppedwp_e-commerceMatch3.8.7

AND

wordpresswordpressMatch-

References

osvdb.org/77249

plugins.trac.wordpress.org/changeset?reponame=&new=463447%40wp-e-commerce&old=463446%40wp-e-commerce

secunia.com/advisories/46957

wordpress.org/extend/plugins/wp-e-commerce/changelog/

www.securityfocus.com/bid/50757

exchange.xforce.ibmcloud.com/vulnerabilities/71443

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.6%

JSON

Related for NVD:CVE-2011-5104

cvelist1 cve1 prion1 patchstack1