CVE-2011-2510
 
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link.
Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en la funcionalidad RSS dentro de DokuWiki anterior a v2011-05-25a Rincewind permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un link.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-06-15 CVE Reserved
- 2011-07-14 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (15)
URL | Tag | Source |
---|---|---|
http://www.certa.ssi.gouv.fr/site/CERTA-2011-AVI-366/CERTA-2011-AVI-366.html | X_refsource_misc | |
http://www.dokuwiki.org/changes | X_refsource_misc | |
http://www.securityfocus.com/bid/48364 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/68122 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062380.html | 2017-08-29 | |
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062389.html | 2017-08-29 | |
http://secunia.com/advisories/45009 | 2017-08-29 | |
http://secunia.com/advisories/45190 | 2017-08-29 | |
http://security.gentoo.org/glsa/glsa-201301-07.xml | 2017-08-29 | |
http://www.debian.org/security/2011/dsa-2320 | 2017-08-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | <= 2010-11-07a Search vendor "Dokuwiki" for product "Dokuwiki" and version " <= 2010-11-07a" | - |
Affected
| ||||||
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | 2005-07-01 Search vendor "Dokuwiki" for product "Dokuwiki" and version "2005-07-01" | - |
Affected
| ||||||
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | 2005-07-13 Search vendor "Dokuwiki" for product "Dokuwiki" and version "2005-07-13" | - |
Affected
| ||||||
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | 2005-09-19 Search vendor "Dokuwiki" for product "Dokuwiki" and version "2005-09-19" | - |
Affected
| ||||||
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | 2005-09-22 Search vendor "Dokuwiki" for product "Dokuwiki" and version "2005-09-22" | - |
Affected
| ||||||
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | 2006-03-05 Search vendor "Dokuwiki" for product "Dokuwiki" and version "2006-03-05" | - |
Affected
| ||||||
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | 2006-03-09 Search vendor "Dokuwiki" for product "Dokuwiki" and version "2006-03-09" | - |
Affected
| ||||||
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | 2006-11-06 Search vendor "Dokuwiki" for product "Dokuwiki" and version "2006-11-06" | - |
Affected
| ||||||
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | 2007-06-26 Search vendor "Dokuwiki" for product "Dokuwiki" and version "2007-06-26" | - |
Affected
| ||||||
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | 2008-05-05 Search vendor "Dokuwiki" for product "Dokuwiki" and version "2008-05-05" | - |
Affected
| ||||||
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | 2009-02-14b Search vendor "Dokuwiki" for product "Dokuwiki" and version "2009-02-14b" | - |
Affected
| ||||||
Dokuwiki Search vendor "Dokuwiki" | Dokuwiki Search vendor "Dokuwiki" for product "Dokuwiki" | 2009-12-25c Search vendor "Dokuwiki" for product "Dokuwiki" and version "2009-12-25c" | - |
Affected
|