Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3985

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2011-3985
Last Modified 10 Nov 2011 12:00:00
Published 09 Nov 2011 06:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2011-3985

Summary

Cross-site scripting (XSS) vulnerability in Plume before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Plume-cms Plume Cms 1.0.2

  • Plume-cms Plume Cms 1.0.3

  • Plume-cms Plume Cms 1.0.4

  • Plume-cms Plume Cms 1.0.5

  • Plume-cms Plume Cms 1.0.6

  • Plume-cms Plume Cms 1.1.3

  • Plume-cms Plume Cms 1.2

  • Plume-cms Plume Cms 1.2.1

  • Plume-cms Plume Cms 1.2.2


References

JVNDB - JVNDB-2011-000083

JVN - JVN#08307791


Last Updated: 27 May 2016 10:57:48