Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-0773

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-0773
Last Modified 21 Sep 2011 11:28:53
Published 03 Feb 2011 08:00:10
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-0773

Summary

Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the image parameter.

Vulnerable Systems

Application

  • Pivotx 2.1.0

  • Pivotx 2.1.1

  • Pivotx 2.1.2

  • Pivotx 2.2.0

  • Pivotx 2.2.1

  • Pivotx 2.2.2


References

CONFIRM - http://blog.pivotx.net/2011-01-31/pivotx-223-released

XF - pivotx-image-xss(64976)

BID - 45983

MISC - http://www.autosectools.com/Advisories/PivotX.2.2.2_Reflected.Cross-site.Scripting_76.html

CONFIRM - http://twitter.com/pivotx/statuses/29889056263376898

SREASON - 8063

SECUNIA - 43045

CONFIRM - http://pivot-weblog.svn.sf.net/viewvc/pivot-weblog?view=revision&revision=3459

MISC - http://packetstormsecurity.org/files/view/97831/Pivotx222-xss.txt

OSVDB - 70672


Last Updated: 27 May 2016 10:56:02