mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
103 lines
3.0 KiB
JSON
103 lines
3.0 KiB
JSON
{
|
|
"id": "CVE-2008-4663",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2008-10-22T02:10:02.097",
|
|
"lastModified": "2017-08-08T01:32:49.107",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Cross-site scripting (XSS) vulnerability in analysis.cgi 1.44, as used in K's CGI Access Log Kaiseki (1) jcode.pl and (2) Jcode.pm, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en analysis.cgi v1.44 usado en K's CGI Access Log Kaiseki (1) jcode.pl y (2) Jcode.pm, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 4.3
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:kumacchi:ks_cgi_access_log:1.44:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "69EDF733-C969-4B4E-B541-07ECD7DCB786"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://jvn.jp/en/jp/JVN46869708/index.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://jvn.jp/en/jp/JVN72065744/index.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000043.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000044.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.kumacchi.com/cgiroom/cgis/accesslogex/accesslogex.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.kumacchi.com/cgiroom/index.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46053",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |