CVE-2011-1030

{"id": "CVE-2011-1030", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2011-02-14T22:00:07.273", "references": [{"url": "http://secunia.com/advisories/43134", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1025054", "source": "cve@mitre.org"}, {"url": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1LO57850", "source": "cve@mitre.org"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg1LO57850", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/43134", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1025054", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1LO57850", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg1LO57850", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Wikis component in IBM Lotus Connections 3.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to the \"Confirm New Page scene.\""}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en el componente Wikis en IBM Lotus Connections v3.0 que permite a atacantes remotos inyectar script web de su elecci\u00f3n o HTML a trav\u00e9s de vectores relacionados con el \"Confirm New Page scene.\""}], "lastModified": "2024-11-21T01:25:22.033", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_connections:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "215D3AB6-B87F-40FE-8B29-3FF212579238"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}