admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2015/5xxx/CVE-2015-5520.json

83 lines
2.6 KiB
JSON
Raw Blame History

{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-5520",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Users module in Orchard 1.7.3 through 1.8.2 and 1.9.x before 1.9.1 allows remote attackers to inject arbitrary web script or HTML via the username when creating a new user account, which is not properly handled when deleting an account."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "37533",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37533/"
},
{
"name" : "20150706 Orchard CMS - Persistent XSS vulnerability",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Jul/32"
},
{
"name" : "http://packetstormsecurity.com/files/132583/Orchard-CMS-1.9.0-1.8.2-1.7.3-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132583/Orchard-CMS-1.9.0-1.8.2-1.7.3-Cross-Site-Scripting.html"
},
{
"name" : "https://projectzero.gr/en/2015/07/orchard-persistent-xss-vulnerability/",
"refsource" : "MISC",
"url" : "https://projectzero.gr/en/2015/07/orchard-persistent-xss-vulnerability/"
},
{
"name" : "http://docs.orchardproject.net/Documentation/Patch-20150630",
"refsource" : "CONFIRM",
"url" : "http://docs.orchardproject.net/Documentation/Patch-20150630"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink