CVE-2011-4340 (GCVE-0-2011-4340)

Vulnerability from cvelistv5 – Published: 2012-02-12 22:00 – Updated: 2024-08-07 00:01
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote authenticated users with Author privileges to inject arbitrary web script or HTML via (1) the profile parameter to extensions/profiledevkit/content/content.profile.php, as demonstrated via requests to (a) the default URI, (b) about/, or (c) drafts/; or (2) the filter parameter in symphony/lib/core/class.symphony.php, as demonstrated via requests to (d) symphony/publish/comments or (e) symphony/publish/images. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public ?
2011-09-30 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:01:51.600Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.mavitunasecurity.com/xss-and-sql-injection-vulnerabilities-in-symphony-cms/"
          },
          {
            "name": "20111101 XSS and SQL Injection Vulnerabilities on Symphony CMS 2.2.3",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2011/Nov/8"
          },
          {
            "name": "symphony-multiple-xss(71106)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71106"
          },
          {
            "name": "76883",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/76883"
          },
          {
            "name": "46663",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46663"
          },
          {
            "name": "76882",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/76882"
          },
          {
            "name": "[oss-security] 20111122 Re: CVE-request: Symphony CMS Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (NS-11-008)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/11/22/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://symphony-cms.com/download/releases/version/2.2.4/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.org/files/view/106493/symphonycms-sqlxss.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-09-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote authenticated users with Author privileges to inject arbitrary web script or HTML via (1) the profile parameter to extensions/profiledevkit/content/content.profile.php, as demonstrated via requests to (a) the default URI, (b) about/, or (c) drafts/; or (2) the filter parameter in symphony/lib/core/class.symphony.php, as demonstrated via requests to (d) symphony/publish/comments or (e) symphony/publish/images.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.mavitunasecurity.com/xss-and-sql-injection-vulnerabilities-in-symphony-cms/"
        },
        {
          "name": "20111101 XSS and SQL Injection Vulnerabilities on Symphony CMS 2.2.3",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2011/Nov/8"
        },
        {
          "name": "symphony-multiple-xss(71106)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71106"
        },
        {
          "name": "76883",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/76883"
        },
        {
          "name": "46663",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46663"
        },
        {
          "name": "76882",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/76882"
        },
        {
          "name": "[oss-security] 20111122 Re: CVE-request: Symphony CMS Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (NS-11-008)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/11/22/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://symphony-cms.com/download/releases/version/2.2.4/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.org/files/view/106493/symphonycms-sqlxss.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2011-4340",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote authenticated users with Author privileges to inject arbitrary web script or HTML via (1) the profile parameter to extensions/profiledevkit/content/content.profile.php, as demonstrated via requests to (a) the default URI, (b) about/, or (c) drafts/; or (2) the filter parameter in symphony/lib/core/class.symphony.php, as demonstrated via requests to (d) symphony/publish/comments or (e) symphony/publish/images.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.mavitunasecurity.com/xss-and-sql-injection-vulnerabilities-in-symphony-cms/",
              "refsource": "MISC",
              "url": "http://www.mavitunasecurity.com/xss-and-sql-injection-vulnerabilities-in-symphony-cms/"
            },
            {
              "name": "20111101 XSS and SQL Injection Vulnerabilities on Symphony CMS 2.2.3",
              "refsource": "BUGTRAQ",
              "url": "http://seclists.org/bugtraq/2011/Nov/8"
            },
            {
              "name": "symphony-multiple-xss(71106)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71106"
            },
            {
              "name": "76883",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/76883"
            },
            {
              "name": "46663",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/46663"
            },
            {
              "name": "76882",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/76882"
            },
            {
              "name": "[oss-security] 20111122 Re: CVE-request: Symphony CMS Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (NS-11-008)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2011/11/22/9"
            },
            {
              "name": "http://symphony-cms.com/download/releases/version/2.2.4/",
              "refsource": "CONFIRM",
              "url": "http://symphony-cms.com/download/releases/version/2.2.4/"
            },
            {
              "name": "http://packetstormsecurity.org/files/view/106493/symphonycms-sqlxss.txt",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.org/files/view/106493/symphonycms-sqlxss.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-4340",
    "datePublished": "2012-02-12T22:00:00.000Z",
    "dateReserved": "2011-11-04T00:00:00.000Z",
    "dateUpdated": "2024-08-07T00:01:51.600Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2011-4340",
      "date": "2026-04-25",
      "epss": "0.01384",
      "percentile": "0.80381"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symphony-cms:symphony_cms:2.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B104F5B3-ED98-4188-A1FA-16ECBA79E0E8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote authenticated users with Author privileges to inject arbitrary web script or HTML via (1) the profile parameter to extensions/profiledevkit/content/content.profile.php, as demonstrated via requests to (a) the default URI, (b) about/, or (c) drafts/; or (2) the filter parameter in symphony/lib/core/class.symphony.php, as demonstrated via requests to (d) symphony/publish/comments or (e) symphony/publish/images.  NOTE: some of these details are obtained from third party information.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades de ejecuci\\u00f3n de comandos en sitios cruzados (XSS) en Symphony CMS v2.2.3 y posiblemente otras versiones antes de v2.2.4 permite inyectar secuencias de comandos web o HTML, a usuarios remotos autenticados con privilegios de Autor, a trav\\u00e9s de (1) el par\\u00e1metro \u0027profile\u0027 (perfil) en extensions/profiledevkit/content/content.profile.php, tal y como se demuestra a trav\\u00e9s de peticiones a (a) la URI por defecto, (b) about/, o (c) drafts/, o (2) el par\\u00e1metro \u0027filter\u0027 en symphony/lib/core/class.symphony.php, tal y como se demuestra a trav\\u00e9s de peticiones a (d) symphony/publish/comments o (e) symphony/publish/images. NOTA: algunos de estos detalles han sido obtenidos de informaci\\u00f3n de terceros.\"}]",
      "id": "CVE-2011-4340",
      "lastModified": "2024-11-21T01:32:16.133",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:N/I:P/A:N\", \"baseScore\": 3.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 6.8, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2012-02-12T22:55:00.903",
      "references": "[{\"url\": \"http://packetstormsecurity.org/files/view/106493/symphonycms-sqlxss.txt\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://seclists.org/bugtraq/2011/Nov/8\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/46663\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://symphony-cms.com/download/releases/version/2.2.4/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.mavitunasecurity.com/xss-and-sql-injection-vulnerabilities-in-symphony-cms/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/11/22/9\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.osvdb.org/76882\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.osvdb.org/76883\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/71106\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://packetstormsecurity.org/files/view/106493/symphonycms-sqlxss.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://seclists.org/bugtraq/2011/Nov/8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/46663\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://symphony-cms.com/download/releases/version/2.2.4/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.mavitunasecurity.com/xss-and-sql-injection-vulnerabilities-in-symphony-cms/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/11/22/9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/76882\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/76883\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/71106\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-4340\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2012-02-12T22:55:00.903\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote authenticated users with Author privileges to inject arbitrary web script or HTML via (1) the profile parameter to extensions/profiledevkit/content/content.profile.php, as demonstrated via requests to (a) the default URI, (b) about/, or (c) drafts/; or (2) the filter parameter in symphony/lib/core/class.symphony.php, as demonstrated via requests to (d) symphony/publish/comments or (e) symphony/publish/images.  NOTE: some of these details are obtained from third party information.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en Symphony CMS v2.2.3 y posiblemente otras versiones antes de v2.2.4 permite inyectar secuencias de comandos web o HTML, a usuarios remotos autenticados con privilegios de Autor, a trav\u00e9s de (1) el par\u00e1metro \u0027profile\u0027 (perfil) en extensions/profiledevkit/content/content.profile.php, tal y como se demuestra a trav\u00e9s de peticiones a (a) la URI por defecto, (b) about/, o (c) drafts/, o (2) el par\u00e1metro \u0027filter\u0027 en symphony/lib/core/class.symphony.php, tal y como se demuestra a trav\u00e9s de peticiones a (d) symphony/publish/comments o (e) symphony/publish/images. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:P/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symphony-cms:symphony_cms:2.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B104F5B3-ED98-4188-A1FA-16ECBA79E0E8\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.org/files/view/106493/symphonycms-sqlxss.txt\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://seclists.org/bugtraq/2011/Nov/8\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/46663\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://symphony-cms.com/download/releases/version/2.2.4/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.mavitunasecurity.com/xss-and-sql-injection-vulnerabilities-in-symphony-cms/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/11/22/9\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/76882\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/76883\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/71106\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://packetstormsecurity.org/files/view/106493/symphonycms-sqlxss.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/bugtraq/2011/Nov/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/46663\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://symphony-cms.com/download/releases/version/2.2.4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.mavitunasecurity.com/xss-and-sql-injection-vulnerabilities-in-symphony-cms/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/11/22/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/76882\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/76883\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/71106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.