Cross site scripting

2008-07-2817:41:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) article comments feature and the (2) search log feature.

CPENameOperatorVersion
loreeq1.5.9
loreeq1.6.1
loreeq1.1.1
loreeq1.5.3
loreeq1.1.0
loreeq1.5.5
loreeq1.0.8
loreeq1.5.6
lorele1.6.3
loreeq1.0.9

Name	Operator	Version
lore	eq	1.5.9
lore	eq	1.6.1
lore	eq	1.1.1
lore	eq	1.5.3
lore	eq	1.1.0
lore	eq	1.5.5
lore	eq	1.0.8
lore	eq	1.5.6
lore	le	1.6.3
lore	eq	1.0.9

Rows per page:

1-10 of 321

References

puresw.com/kb/idx.php/8/025/article/Changelog.html

secunia.com/advisories/31217

www.securityfocus.com/bid/30367

exchange.xforce.ibmcloud.com/vulnerabilities/43985