mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-12-15 12:22:09 +00:00
85 lines
2.4 KiB
JSON
85 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2011-1685",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Best Practical Solutions RT 3.8.0 through 3.8.9 and 4.0.0rc through 4.0.0rc7, when the CustomFieldValuesSources (aka external custom field) option is enabled, allows remote authenticated users to execute arbitrary code via unspecified vectors, as demonstrated by a cross-site request forgery (CSRF) attack."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"url" : "http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000188.html"
|
|
},
|
|
{
|
|
"url" : "http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000187.html"
|
|
},
|
|
{
|
|
"url" : "http://blog.bestpractical.com/2011/04/security-vulnerabilities-in-rt.html"
|
|
},
|
|
{
|
|
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=696795"
|
|
},
|
|
{
|
|
"url" : "http://www.debian.org/security/2011/dsa-2220"
|
|
},
|
|
{
|
|
"url" : "http://www.securityfocus.com/bid/47383"
|
|
},
|
|
{
|
|
"url" : "http://secunia.com/advisories/44189"
|
|
},
|
|
{
|
|
"url" : "http://www.vupen.com/english/advisories/2011/1071"
|
|
},
|
|
{
|
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66791"
|
|
}
|
|
]
|
|
}
|
|
}
|