{ "id": "CVE-2010-1520", "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "published": "2010-06-30T18:30:01.427", "lastModified": "2024-11-21T01:14:37.053", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in logout.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to inject arbitrary web script or HTML via the tznMessage parameter." }, { "lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en logout.php en TaskFreak! Original multiusuario anterior a v0.6.4 permite a atacantes remotos inyectar un script web arbitrario o un HTML mediante el par\u00e1metro tznMessage" } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "baseScore": 4.3, "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-79" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.6.3", "matchCriteriaId": "DBD16390-3175-4C4E-AC14-D91C79039DA0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "74916DB4-F9CA-4F78-B5A2-4530A1D73BF2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "3781C274-BC6C-46F5-A979-80EAFD8987DC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "149B6905-52E4-4BE6-AB01-3E59B0A73DA4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "D0A8FBA7-9263-4552-AD4A-448168EDE32E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4B9406CC-9A11-4D15-B1F2-1DE37C5B4E76" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "CEB490CD-F78D-4F96-87B5-76867BF08255" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "28A37BFB-42C7-48F9-A228-E6B4F81812EB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F5236352-5D37-448C-83E7-AF82EA76BD7A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "88C2E85E-84B3-4A84-A52C-8BD3902BF23D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "5DF2DF24-A42C-4957-860D-8A0EF399CC6A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "374983C0-7EF9-4FBA-93DC-2F3E4581E4A0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "C85E71E8-DFA7-470E-A670-1C41EEC3D597" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "24F85B2D-E51C-4A3B-8DB8-3BE86772A38F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "62C122D9-4B85-4059-A738-B967045D4D95" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "BE1C0AED-B6C8-4DE4-8264-555A44A26AC3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "92D7514F-9AE9-47E4-8CC6-953F826FBF2C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "621B4E9A-C52F-4EBF-90F0-A886A0F630D8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "A49163CC-9887-4536-A219-CBE36B5D4203" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "BB88A669-1CB6-4D75-B7F5-6A34BAA01265" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "2C67D40D-460F-43A1-B59B-E5C4A52E76FB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "153CBC88-E83E-48B6-9971-A5710770C597" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "895D354C-6983-45FB-AD8F-33974DB0D277" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ADF3DBF5-F5D2-4348-8938-695B32C1DF26" }, { "vulnerable": true, "criteria": "cpe:2.3:a:taskfreak:taskfreak\\!:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9DAB3243-5A9C-4594-91E7-31CA2885CB0E" } ] } ] } ], "references": [ { "url": "http://osvdb.org/65846", "source": "PSIRT-CNA@flexerasoftware.com" }, { "url": "http://secunia.com/advisories/40025", "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/secunia_research/2010-78/", "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.securityfocus.com/archive/1/512078/100/0/threaded", "source": "PSIRT-CNA@flexerasoftware.com" }, { "url": "http://www.securityfocus.com/bid/41221", "source": "PSIRT-CNA@flexerasoftware.com" }, { "url": "http://www.taskfreak.com/original/versions", "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Patch" ] }, { "url": "http://osvdb.org/65846", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/40025", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/secunia_research/2010-78/", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.securityfocus.com/archive/1/512078/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/bid/41221", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.taskfreak.com/original/versions", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] } ] }