admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2015/4xxx/CVE-2015-4427.json
CVE Team 36b84e4853
- Synchronized data.
2018-10-09 15:05:48 -04:00

78 lines
2.4 KiB
JSON
Raw Blame History

{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4427",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Test/WorkArea/workarea.aspx in Ektron Content Management System (CMS) before 9.10 SP1 (Build 9.1.0.184.1.114) allow remote authenticated users to inject arbitrary web script or HTML via the (1) page, (2) action, (3) folder_id, or (4) LangType parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20150531 Ektron CMS 9.10 SP1 - XSS Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/535647/100/0/threaded"
},
{
"name" : "http://packetstormsecurity.com/files/132105/Ektron-CMS-9.10-SP1-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132105/Ektron-CMS-9.10-SP1-Cross-Site-Scripting.html"
},
{
"name" : "http://v00d00sec.com/2015/05/31/cve-2015-3624-csrf-and-xss-vulnerabilities-in-ektron-cms-9-10-sp1/",
"refsource" : "MISC",
"url" : "http://v00d00sec.com/2015/05/31/cve-2015-3624-csrf-and-xss-vulnerabilities-in-ektron-cms-9-10-sp1/"
},
{
"name" : "74942",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74942"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink