Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4335

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-4335
Last Modified 05 Dec 2011 10:57:49
Published 28 Nov 2011 06:55:10
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4335

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Contao before 2.10.2 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php in a (1) teachers.html or (2) teachers/ action.

Vulnerable Systems

Application

  • Contao Cms 2.0

  • Contao Cms 2.1.0

  • Contao Cms 2.1.1

  • Contao Cms 2.1.10

  • Contao Cms 2.1.11

  • Contao Cms 2.1.12

  • Contao Cms 2.1.13

  • Contao Cms 2.1.14

  • Contao Cms 2.1.15

  • Contao Cms 2.1.16

  • Contao Cms 2.1.17

  • Contao Cms 2.1.18

  • Contao Cms 2.1.19

  • Contao Cms 2.1.2

  • Contao Cms 2.1.20

  • Contao Cms 2.1.21

  • Contao Cms 2.1.22

  • Contao Cms 2.1.3

  • Contao Cms 2.1.4

  • Contao Cms 2.1.5

  • Contao Cms 2.1.6

  • Contao Cms 2.1.7

  • Contao Cms 2.1.8

  • Contao Cms 2.1.9

  • Contao Cms 2.10

  • Contao Cms 2.10.0

  • Contao Cms 2.10.1

  • Contao Cms 2.2.0

  • Contao Cms 2.2.1

  • Contao Cms 2.2.10

  • Contao Cms 2.2.11

  • Contao Cms 2.2.12

  • Contao Cms 2.2.2

  • Contao Cms 2.2.3

  • Contao Cms 2.2.4

  • Contao Cms 2.2.5

  • Contao Cms 2.2.6

  • Contao Cms 2.2.7

  • Contao Cms 2.2.8

  • Contao Cms 2.2.9

  • Contao Cms 2.3.0

  • Contao Cms 2.3.1

  • Contao Cms 2.3.2

  • Contao Cms 2.3.3

  • Contao Cms 2.3.4

  • Contao Cms 2.4

  • Contao Cms 2.4.0

  • Contao Cms 2.4.1

  • Contao Cms 2.4.2

  • Contao Cms 2.4.3

  • Contao Cms 2.4.4

  • Contao Cms 2.4.5

  • Contao Cms 2.4.6

  • Contao Cms 2.4.7

  • Contao Cms 2.5

  • Contao Cms 2.5.0

  • Contao Cms 2.5.1

  • Contao Cms 2.5.2

  • Contao Cms 2.5.3

  • Contao Cms 2.5.4

  • Contao Cms 2.5.5

  • Contao Cms 2.5.6

  • Contao Cms 2.5.7

  • Contao Cms 2.5.8

  • Contao Cms 2.5.9

  • Contao Cms 2.6

  • Contao Cms 2.6.0

  • Contao Cms 2.6.1

  • Contao Cms 2.6.2

  • Contao Cms 2.6.3

  • Contao Cms 2.6.4

  • Contao Cms 2.6.5

  • Contao Cms 2.6.6

  • Contao Cms 2.6.7

  • Contao Cms 2.6.8

  • Contao Cms 2.7

  • Contao Cms 2.7.0

  • Contao Cms 2.7.1

  • Contao Cms 2.7.2

  • Contao Cms 2.7.3

  • Contao Cms 2.7.4

  • Contao Cms 2.7.5

  • Contao Cms 2.7.6

  • Contao Cms 2.7.7

  • Contao Cms 2.8

  • Contao Cms 2.8.0

  • Contao Cms 2.8.1

  • Contao Cms 2.8.2

  • Contao Cms 2.8.3

  • Contao Cms 2.8.4

  • Contao Cms 2.9

  • Contao Cms 2.9.0

  • Contao Cms 2.9.1

  • Contao Cms 2.9.2

  • Contao Cms 2.9.3

  • Contao Cms 2.9.4

  • Contao Cms 2.9.5


References

BUGTRAQ - 20111008 Contao 2.10.1 Cross-site scripting vulnerability

MISC - http://www.rul3z.de/advisories/SSCHADV2011-025.txt

MLIST - [oss-security] 20111121 Re: CVE-request: Contao 2.10.1 Cross-site scripting vulnerability

MLIST - [oss-security] 20111122 CVE-request: Contao 2.10.1 Cross-site scripting vulnerability

CONFIRM - http://dev.contao.org/projects/typolight/repository/revisions/1041


Last Updated: 27 May 2016 10:57:48