{ "id": "CVE-2008-5786", "sourceIdentifier": "cve@mitre.org", "published": "2008-12-31T11:30:00.280", "lastModified": "2017-08-08T01:33:32.017", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Silva Find extension 1.1.5 and earlier in Silva 1.x before 1.6.3.2, Silva 2.0 before 2.0.12.2, and Silva 2.1 before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the fulltext parameter." }, { "lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en la extensi\u00f3n Silva Find v1.1.5 y anteriores en Silva v1.x anterior a v1.6.3.2, Silva v2.0 anterior a v2.0.12.2, y Silva v2.1 anterior a v2.1.0.2, permite a atacantes remotos inyectar secuencias de comandos web y HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"fulltext\"." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 4.3 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-79" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "BDC5F3F4-193C-4008-89DE-2C57E4C11E53" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "CADC1549-2548-4C5F-A6EE-9A8676E07F1E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "37F28947-F4E3-4A18-A54F-8BCC8EFD81EE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2726264-675C-4B0D-99F0-EB5B98AE3D29" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "8182A4CB-A9FC-44E0-A086-2F1C9B328D1E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "8536FC3B-62A2-457B-AF5A-49019A02CC92" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "F6CDB488-5AF8-4D9C-91DE-90771CE6C4E1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.1b1:*:*:*:*:*:*:*", "matchCriteriaId": "25F6946D-B16C-4A28-8421-C91C78EDC1E1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.1b2:*:*:*:*:*:*:*", "matchCriteriaId": "8313F394-6B86-4921-AA79-02860A1CDDEA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BA48537-123A-40D9-9E50-58DF27F09ABB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8A288B6-3D0A-4E24-A40D-34746E1D6D19" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "18905BD4-4F53-4C59-A7A5-E0EF31F36244" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "156E4C2A-0CCC-4C61-9C63-81F72FDA7C0F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.2b1:*:*:*:*:*:*:*", "matchCriteriaId": "5F2F33F1-31B9-4A04-BD62-CCEF423EE28F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4CF909D5-D106-4450-8911-37F0DD0C34E0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.3b3:*:*:*:*:*:*:*", "matchCriteriaId": "EAADD71D-A56E-4E4E-A496-5413B66DFA0D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "D522AEEA-DB52-49B5-83D5-5FAAD596B0A1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "03AA8327-1387-40CA-A7AC-30D85102D3C5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F8EC75B1-DB7E-4948-B780-E6EDB01CD96B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.4b1:*:*:*:*:*:*:*", "matchCriteriaId": "5A1118B0-5FA1-44D6-8A59-AB88CB6D7A8C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4EE06BD-B6A6-4C15-A68C-996497E3ECB3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "F9812465-443C-4705-9F33-2FD23E12C642" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "3AD67F52-03B2-4886-8B19-563345E82CEF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "D82D2FE1-5002-4686-AD98-8D9BA5778B12" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "3190B8FE-FD30-4C94-83A6-FB1169205452" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "B50E02F1-D6A0-40B5-A596-A455A88C4EFA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "67FB8E64-3560-4939-BA09-87A24BF8FAB1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "BC24C47E-ACB6-466B-BA9B-7FC161079A9D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "471A9E3D-23D7-4A24-8039-B9D4C0226886" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "A48BA931-2717-41FD-BA2B-9B7D6B954259" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5.12:*:*:*:*:*:*:*", "matchCriteriaId": "608CC05A-F055-4AF2-93ED-30F41F3D88A9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.5b1:*:*:*:*:*:*:*", "matchCriteriaId": "3AD570CC-8EF6-4E3C-8BE8-9C57F146E46B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "4E38B353-669B-4F65-A6C1-1E453298E9CB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "DFEFB8EC-8B60-4BDD-9755-10042D69C3B4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "EB410E06-37EE-4D9D-AC71-CABAD5D3EE06" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "E99D1501-8085-4E5B-9A9A-D8B7124C2A3A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.6b3:*:*:*:*:*:*:*", "matchCriteriaId": "320F8CF2-7981-47D5-B960-8C97D67607A3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:1.6b4:*:*:*:*:*:*:*", "matchCriteriaId": "A7580A86-49DC-49CE-AE2B-50FF562A2949" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "38AEC1A8-447D-410F-AFEA-EA8786778E7E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "81E6291B-D5AA-4DDB-B90D-00EE3318950A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "8ACCAB7E-96D6-4058-B501-5C376A576295" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E3AD7553-44B3-4495-B3FE-B36A8E12040E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2D2220AD-1C3D-4E83-8D37-B1564D3E8C46" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "4CFC90C8-2835-4779-A377-3B7D6822889B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "09EA59F6-3532-4DF5-A6CB-CDBFDBA763E7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "11186132-E216-4CD8-8ED2-B358C4030976" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DCE2E90E-0CBF-4E7B-B219-862769BA7EA5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "477275E1-70D8-43BE-B960-573106887EFC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "01CC2C0A-9BB4-4D0A-A504-F8341CB9C0E9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "61C67C3B-A090-49F0-8B0E-08EC9842E1D0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0a1:*:*:*:*:*:*:*", "matchCriteriaId": "A4E0BB70-898D-496A-BB85-CE4B0632885F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.0b1:*:*:*:*:*:*:*", "matchCriteriaId": "1A075B25-9069-4C15-A8DF-6442D1BCB1CF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EB9CE7E6-CF08-4040-A527-60783033D6C5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.1a2:*:*:*:*:*:*:*", "matchCriteriaId": "EF1ABA33-1F5D-43B3-8143-BB3B76055FC2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva:2.1b1:*:*:*:*:*:*:*", "matchCriteriaId": "A897EB3E-9491-497E-AA99-79D0FFDCBDE6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva_find:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1.5", "matchCriteriaId": "38E26E3B-83BA-400A-A188-6DC5D73682EC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva_find:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7689C4EF-7558-46AD-915E-07C909B99508" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva_find:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AEC9A96D-2403-46E5-AEDC-3423F77F3492" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva_find:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "56D294F5-D3F7-4C75-B259-754CFC511710" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva_find:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "53DDCAC5-6B3C-41FA-AA11-525C5495112C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva_find:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "710020FE-9498-4503-AF78-5B26CEBAE272" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva_find:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AB5998AE-69F0-4684-9616-D5F5956A9E60" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva_find:1.1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "80BB915B-C41E-4CD8-9DC2-DA7AEDF9EBFE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva_find:1.1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4A2E6603-3CC0-4DF5-B28D-C8AD90EF51D8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva_find:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "58FC3131-A342-47D6-AAF9-7EEE4C8A2E23" }, { "vulnerable": true, "criteria": "cpe:2.3:a:infrae:silva_find:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "19287B1F-FFAA-4567-9863-1E3526BD52B3" } ] } ] } ], "references": [ { "url": "http://holisticinfosec.org/content/view/91/45/", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.infrae.com/newsitems/silva_security_bulletin_08-11-07", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.securityfocus.com/bid/32183", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46427", "source": "cve@mitre.org" } ] }