cvelistv5 - CVE-2011-3010

CVE-2011-3010 (GCVE-0-2011-3010)

Vulnerability from cvelistv5 – Published: 2011-09-30 10:00 – Updated: 2024-09-17 03:03

Summary

Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.mavitunasecurity.com/xss-vulnerability…	x_refsource_MISC
	http://www.osvdb.org/75674	vdb-entryx_refsource_OSVDB
	http://securitytracker.com/id?1026091	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/46123	third-party-advisoryx_refsource_SECUNIA
	http://develop.twiki.org/trac/changeset/21920	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/49746	vdb-entryx_refsource_BID
	http://twiki.org/cgi-bin/view/Codev/SecurityAlert…	x_refsource_CONFIRM
	http://archives.neohapsis.com/archives/bugtraq/20…	mailing-listx_refsource_BUGTRAQ
	http://www.osvdb.org/75673	vdb-entryx_refsource_OSVDB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:22:26.676Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5"
          },
          {
            "name": "75674",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/75674"
          },
          {
            "name": "1026091",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1026091"
          },
          {
            "name": "46123",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46123"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://develop.twiki.org/trac/changeset/21920"
          },
          {
            "name": "49746",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/49746"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010"
          },
          {
            "name": "20110922 XSS Vulnerabilities in TWiki \u003c 5.1.0",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html"
          },
          {
            "name": "75673",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/75673"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-09-30T10:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5"
        },
        {
          "name": "75674",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/75674"
        },
        {
          "name": "1026091",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1026091"
        },
        {
          "name": "46123",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46123"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://develop.twiki.org/trac/changeset/21920"
        },
        {
          "name": "49746",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/49746"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010"
        },
        {
          "name": "20110922 XSS Vulnerabilities in TWiki \u003c 5.1.0",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html"
        },
        {
          "name": "75673",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/75673"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-3010",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5",
              "refsource": "MISC",
              "url": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5"
            },
            {
              "name": "75674",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/75674"
            },
            {
              "name": "1026091",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1026091"
            },
            {
              "name": "46123",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/46123"
            },
            {
              "name": "http://develop.twiki.org/trac/changeset/21920",
              "refsource": "CONFIRM",
              "url": "http://develop.twiki.org/trac/changeset/21920"
            },
            {
              "name": "49746",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/49746"
            },
            {
              "name": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010",
              "refsource": "CONFIRM",
              "url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010"
            },
            {
              "name": "20110922 XSS Vulnerabilities in TWiki \u003c 5.1.0",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html"
            },
            {
              "name": "75673",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/75673"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-3010",
    "datePublished": "2011-09-30T10:00:00Z",
    "dateReserved": "2011-08-09T00:00:00Z",
    "dateUpdated": "2024-09-17T03:03:48.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.0.1\", \"matchCriteriaId\": \"1DE5ACDB-2AEF-4EF1-BADD-657E550CFB5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0E0A8F3-02EE-4A6D-BAAC-1D52DF063197\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F893E121-82FA-41C8-9BA4-606E6DA01408\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47807C3A-8430-48E3-A7C8-C5A1FEDF84C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"620356EA-F106-41DF-AADA-C1EF5A5A0829\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"979D8BC8-0032-496F-9503-F3BBBC8FA7CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0804FF93-6554-4F56-9974-017198ED5F44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41445C95-0309-4B90-B725-87D2FE87C9A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9996E5B-36AD-407F-B3B6-839CE8E5913E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"748325A4-A237-498A-A185-905FC921D2A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FE3EEC6-7E05-4A37-97AA-D73E7D7A0E01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"855671F5-C215-4382-B512-4ABD9D66F13D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9C00515-CFEE-427A-BACE-B3140B0D6C67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9CF4F9B-7ADF-47A2-A556-10CCF7401DA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81DDB420-E707-4319-8395-531FC0D84E5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D7A5A57-AE7D-4D3E-A280-41676F355AEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"710F8276-1147-4EAD-9C34-5F2FEE636F8D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CBEFD95-CB78-4C25-BB41-EB96C780F2F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:4.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F86AFE25-8C05-4F08-A7C1-3850EE930A86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:twiki:twiki:5.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FBAAC5C-F240-4292-98C3-79D9C23FC021\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades de ejecuci\\u00f3n de secuencias de comandos en sitios cruzados (XSS) en TWiki antes de v5.1.0, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\\u00e9s de (1) el par\\u00e1metro newtopic en una acci\\u00f3n WebCreateNewTopic, relacionado con TWiki.WebCreateNewTopicTemplate; o (2) la cadena de consulta a SlideShow.pm en el SlideShadowPlugin.\"}]",
      "id": "CVE-2011-3010",
      "lastModified": "2024-11-21T01:29:29.043",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2011-09-30T10:55:04.163",
      "references": "[{\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://develop.twiki.org/trac/changeset/21920\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/46123\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1026091\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.osvdb.org/75673\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.osvdb.org/75674\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/49746\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://develop.twiki.org/trac/changeset/21920\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/46123\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1026091\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/75673\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/75674\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/49746\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-3010\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-09-30T10:55:04.163\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en TWiki antes de v5.1.0, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de (1) el par\u00e1metro newtopic en una acci\u00f3n WebCreateNewTopic, relacionado con TWiki.WebCreateNewTopicTemplate; o (2) la cadena de consulta a SlideShow.pm en el SlideShadowPlugin.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.0.1\",\"matchCriteriaId\":\"1DE5ACDB-2AEF-4EF1-BADD-657E550CFB5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0E0A8F3-02EE-4A6D-BAAC-1D52DF063197\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F893E121-82FA-41C8-9BA4-606E6DA01408\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47807C3A-8430-48E3-A7C8-C5A1FEDF84C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"620356EA-F106-41DF-AADA-C1EF5A5A0829\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"979D8BC8-0032-496F-9503-F3BBBC8FA7CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0804FF93-6554-4F56-9974-017198ED5F44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41445C95-0309-4B90-B725-87D2FE87C9A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9996E5B-36AD-407F-B3B6-839CE8E5913E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"748325A4-A237-498A-A185-905FC921D2A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FE3EEC6-7E05-4A37-97AA-D73E7D7A0E01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"855671F5-C215-4382-B512-4ABD9D66F13D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9C00515-CFEE-427A-BACE-B3140B0D6C67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9CF4F9B-7ADF-47A2-A556-10CCF7401DA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81DDB420-E707-4319-8395-531FC0D84E5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D7A5A57-AE7D-4D3E-A280-41676F355AEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"710F8276-1147-4EAD-9C34-5F2FEE636F8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CBEFD95-CB78-4C25-BB41-EB96C780F2F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:4.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F86AFE25-8C05-4F08-A7C1-3850EE930A86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:twiki:twiki:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FBAAC5C-F240-4292-98C3-79D9C23FC021\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://develop.twiki.org/trac/changeset/21920\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/46123\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1026091\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/75673\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/75674\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/49746\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://develop.twiki.org/trac/changeset/21920\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/46123\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1026091\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/75673\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/75674\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/49746\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-5W6P-CPQH-825M

Vulnerability from github – Published: 2022-05-17 05:29 – Updated: 2022-05-17 05:29

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-3010"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-09-30T10:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.",
  "id": "GHSA-5w6p-cpqh-825m",
  "modified": "2022-05-17T05:29:48Z",
  "published": "2022-05-17T05:29:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3010"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html"
    },
    {
      "type": "WEB",
      "url": "http://develop.twiki.org/trac/changeset/21920"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/46123"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1026091"
    },
    {
      "type": "WEB",
      "url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010"
    },
    {
      "type": "WEB",
      "url": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/75673"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/75674"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/49746"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2011-3010

Vulnerability from fkie_nvd - Published: 2011-09-30 10:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

	URL	Tags
	cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html
	cve@mitre.org	http://develop.twiki.org/trac/changeset/21920
	cve@mitre.org	http://secunia.com/advisories/46123
	cve@mitre.org	http://securitytracker.com/id?1026091
	cve@mitre.org	http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010
	cve@mitre.org	http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5
	cve@mitre.org	http://www.osvdb.org/75673
	cve@mitre.org	http://www.osvdb.org/75674
	cve@mitre.org	http://www.securityfocus.com/bid/49746
	af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html
	af854a3a-2127-422b-91ae-364da2661108	http://develop.twiki.org/trac/changeset/21920
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46123
	af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1026091
	af854a3a-2127-422b-91ae-364da2661108	http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010
	af854a3a-2127-422b-91ae-364da2661108	http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5
	af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/75673
	af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/75674
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/49746

Impacted products

Vendor	Product	Version
twiki	twiki	*
twiki	twiki	4.0
twiki	twiki	4.0.0
twiki	twiki	4.0.1
twiki	twiki	4.0.2
twiki	twiki	4.0.3
twiki	twiki	4.0.4
twiki	twiki	4.0.5
twiki	twiki	4.1.0
twiki	twiki	4.1.1
twiki	twiki	4.1.2
twiki	twiki	4.2.0
twiki	twiki	4.2.1
twiki	twiki	4.2.2
twiki	twiki	4.2.3
twiki	twiki	4.2.4
twiki	twiki	4.3.0
twiki	twiki	4.3.2
twiki	twiki	4.5.0
twiki	twiki	5.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:twiki:twiki:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DE5ACDB-2AEF-4EF1-BADD-657E550CFB5C",
              "versionEndIncluding": "5.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0E0A8F3-02EE-4A6D-BAAC-1D52DF063197",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F893E121-82FA-41C8-9BA4-606E6DA01408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "47807C3A-8430-48E3-A7C8-C5A1FEDF84C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "620356EA-F106-41DF-AADA-C1EF5A5A0829",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "979D8BC8-0032-496F-9503-F3BBBC8FA7CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0804FF93-6554-4F56-9974-017198ED5F44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "41445C95-0309-4B90-B725-87D2FE87C9A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9996E5B-36AD-407F-B3B6-839CE8E5913E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "748325A4-A237-498A-A185-905FC921D2A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE3EEC6-7E05-4A37-97AA-D73E7D7A0E01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "855671F5-C215-4382-B512-4ABD9D66F13D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9C00515-CFEE-427A-BACE-B3140B0D6C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9CF4F9B-7ADF-47A2-A556-10CCF7401DA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "81DDB420-E707-4319-8395-531FC0D84E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7A5A57-AE7D-4D3E-A280-41676F355AEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "710F8276-1147-4EAD-9C34-5F2FEE636F8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CBEFD95-CB78-4C25-BB41-EB96C780F2F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F86AFE25-8C05-4F08-A7C1-3850EE930A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:twiki:twiki:5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBAAC5C-F240-4292-98C3-79D9C23FC021",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en TWiki antes de v5.1.0, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de (1) el par\u00e1metro newtopic en una acci\u00f3n WebCreateNewTopic, relacionado con TWiki.WebCreateNewTopicTemplate; o (2) la cadena de consulta a SlideShow.pm en el SlideShadowPlugin."
    }
  ],
  "id": "CVE-2011-3010",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-09-30T10:55:04.163",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://develop.twiki.org/trac/changeset/21920"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/46123"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1026091"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/75673"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/75674"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/49746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://develop.twiki.org/trac/changeset/21920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/46123"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1026091"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/75673"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/75674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/49746"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2011-3010

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-3010

Aliases

CVE-2011-3010

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-3010",
    "description": "Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.",
    "id": "GSD-2011-3010",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2011-3010"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-3010"
      ],
      "details": "Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.",
      "id": "GSD-2011-3010",
      "modified": "2023-12-13T01:19:09.978115Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2011-3010",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5",
            "refsource": "MISC",
            "url": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5"
          },
          {
            "name": "75674",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/75674"
          },
          {
            "name": "1026091",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1026091"
          },
          {
            "name": "46123",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/46123"
          },
          {
            "name": "http://develop.twiki.org/trac/changeset/21920",
            "refsource": "CONFIRM",
            "url": "http://develop.twiki.org/trac/changeset/21920"
          },
          {
            "name": "49746",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/49746"
          },
          {
            "name": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010",
            "refsource": "CONFIRM",
            "url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010"
          },
          {
            "name": "20110922 XSS Vulnerabilities in TWiki \u003c 5.1.0",
            "refsource": "BUGTRAQ",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html"
          },
          {
            "name": "75673",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/75673"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:5.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:twiki:twiki:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-3010"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-3010"
            },
            {
              "name": "20110922 XSS Vulnerabilities in TWiki \u003c 5.1.0",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0142.html"
            },
            {
              "name": "49746",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/49746"
            },
            {
              "name": "1026091",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1026091"
            },
            {
              "name": "46123",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/46123"
            },
            {
              "name": "75674",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/75674"
            },
            {
              "name": "http://develop.twiki.org/trac/changeset/21920",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://develop.twiki.org/trac/changeset/21920"
            },
            {
              "name": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.mavitunasecurity.com/xss-vulnerability-in-twiki5"
            },
            {
              "name": "75673",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/75673"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2012-05-18T04:00Z",
      "publishedDate": "2011-09-30T10:55Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-3010 (GCVE-0-2011-3010)

GHSA-5W6P-CPQH-825M

FKIE_CVE-2011-3010

GSD-2011-3010

Tags

Sightings

Nomenclature