CVE-2010-1164

{"id": "CVE-2010-1164", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-04-20T15:30:00.507", "references": [{"url": "http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2010-04-16", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://jira.atlassian.com/browse/JRA-20994", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://jira.atlassian.com/browse/JRA-21004", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/39353", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2010/04/16/3", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2010/04/16/4", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/39485", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57826", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57827", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA 3.12 through 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) element or (2) defaultColor parameter to the Colour Picker page; the (3) formName parameter, (4) element parameter, or (5) full name field to the User Picker page; the (6) formName parameter, (7) element parameter, or (8) group name field to the Group Picker page; the (9) announcement_preview_banner_st parameter to unspecified components, related to the Announcement Banner Preview page; unspecified vectors involving the (10) groupnames.jsp, (11) indexbrowser.jsp, (12) classpath-debug.jsp, (13) viewdocument.jsp, or (14) cleancommentspam.jsp page; the (15) portletKey parameter to runportleterror.jsp; the (16) URI to issuelinksmall.jsp; the (17) afterURL parameter to screenshot-redirecter.jsp; or the (18) HTTP Referrer header to 500page.jsp, as exploited in the wild in April 2010."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en Atlassian JIRA v3.12 hasta la v4.1. Permiten a usuarios remotos inyectar codigo de script web o c\u00f3digo HTML de su elecci\u00f3n a trav\u00e9s de el par\u00e1metro (1) \"element\" (elemento) o (2) \"defaultColor\" (color por defecto) a la p\u00e1gina de \"Colour Picker\" (selecci\u00f3n de colores); el (3) par\u00e1metro \"formName\", (4) par\u00e1metro \"element\", o (5) campo \"full name\" (nombre completo) a la p\u00e1gina \"User Picker\" (selecci\u00f3n de usuario); el (6) par\u00e1metro formName, (7) par\u00e1metro \"element\", o (8) campo \"group name\" (nombre de grupo) a la p\u00e1gina \"Group Picker\" (selecci\u00f3n de grupo); el (9) par\u00e1metro announcement_preview_banner_st de componentes sin especificar, relacionados con la p\u00e1gina \"Announcement Banner Preview\" (vista previa de anuncio); vectores sin especificar relacionados con las p\u00e1ginas (10) groupnames.jsp, (11) indexbrowser.jsp, (12) classpath-debug.jsp, (13) viewdocument.jsp, o (14) cleancommentspam.jsp; el (15) par\u00e1metro portletKey de runportleterror.jsp; la (16) URI de issuelinksmall.jsp; el (17) par\u00e1metro afterURL de screenshot-redirecter.jsp; o la (18) cabecera HTTP Referrer de 500page.jsp, tal como se ha explotado activamente en Abril del 2010."}], "lastModified": "2017-08-17T01:32:16.587", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:atlassian:jira:3.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEA72E9E-ED89-4CD1-AF2F-3C2060E115FE"}, {"criteria": "cpe:2.3:a:atlassian:jira:3.12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67D2DF18-C072-47EF-9F99-3FBC3BD0B46A"}, {"criteria": "cpe:2.3:a:atlassian:jira:3.12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "618C3DD0-2AE2-4188-8BC2-69365594ADA0"}, {"criteria": "cpe:2.3:a:atlassian:jira:3.12.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49E76A26-4A32-4D17-AE09-DAA99AAA49D7"}, {"criteria": "cpe:2.3:a:atlassian:jira:3.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59835FFB-BB1C-4403-9CEC-DFC31F1A4D10"}, {"criteria": "cpe:2.3:a:atlassian:jira:3.13.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAD7160D-BB0D-433A-8C7B-83BC311F53A8"}, {"criteria": "cpe:2.3:a:atlassian:jira:3.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74F52C0A-6567-4466-A20C-9BC457E56592"}, {"criteria": "cpe:2.3:a:atlassian:jira:3.13.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "547EF015-960F-43DB-8985-8BE65B14230A"}, {"criteria": "cpe:2.3:a:atlassian:jira:3.13.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4931F747-FA7D-42BF-B71F-277EE38A29C5"}, {"criteria": "cpe:2.3:a:atlassian:jira:3.13.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "856597BE-1407-4587-B591-BD8B5B097B8A"}, {"criteria": "cpe:2.3:a:atlassian:jira:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6039B692-0E90-428E-B953-D1F21AC48575"}, {"criteria": "cpe:2.3:a:atlassian:jira:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEED2354-51E8-4BF0-A07E-C70E14A8D79A"}, {"criteria": "cpe:2.3:a:atlassian:jira:4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86E22F6B-1CB8-4BAA-85EE-9B5FC4FD7635"}, {"criteria": "cpe:2.3:a:atlassian:jira:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B07F838-5D36-4CEB-9579-3AB8BD67CCB6"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}