Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4910

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-4910
Last Modified 08 Oct 2012 12:00:00
Published 07 Oct 2012 05:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4910

Summary

Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

Vulnerable Systems

Application

  • Joomla%21 1.5.0

  • Joomla%21 1.5.1

  • Joomla%21 1.5.10

  • Joomla%21 1.5.11

  • Joomla%21 1.5.2

  • Joomla%21 1.5.3

  • Joomla%21 1.5.4

  • Joomla%21 1.5.5

  • Joomla%21 1.5.6

  • Joomla%21 1.5.7

  • Joomla%21 1.5.8

  • Joomla%21 1.5.9


References

BID - 35544

OSVDB - 55590

MLIST - [oss-security] 20111225 Re: CVE-request for three 2009 Joomla issues (second part)

MLIST - [oss-security] 20111225 CVE-request for three 2009 Joomla issues (second part)

SECUNIA - 35668

CONFIRM - http://developer.joomla.org/security/news/299-20090605-core-frontend-xss-phpself-not-properly-filtered.html


Last Updated: 27 May 2016 11:00:52