nvd-json-data-feeds/CVE-2010/CVE-2010-03xx/CVE-2010-0326.json

{
  "id": "CVE-2010-0326",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2010-01-15T19:30:00.597",
  "lastModified": "2010-01-18T05:00:00.000",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the Developer log (devlog) extension 2.9.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en la extensi\u00f3n de TYPO3 de registro de Desarrollo (devlog) v2.9.1 y anteriores permite a atacantes remotos inyectar HTML o scripts web a trav\u00e9s de vectores no especificados."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.3
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "2.9.1",
              "matchCriteriaId": "B0E8D4F3-BCF0-4313-AF93-20E76E6BBA04"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E72DDE83-0ED6-4A56-BF9A-28A872349FD8"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BA62F96-CC41-4A05-855F-359821EC90C5"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11791D7C-F737-4EFC-9002-B1286E286D5F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "127CBC3F-C22B-4763-A7E3-591FA3817C79"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "88656B43-B567-4950-8F59-0BE3B4E3837C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F53630A-3358-476F-AB79-8B28361CF2EC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D95E74F0-2B72-486C-A857-54F31ED807CF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB71575D-881B-4F5D-AF95-04C70F8A2D2C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B0C11BC-28AD-4C7E-B6B2-CA1F5A6D608F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B7F1904-262F-4D1C-9559-4E26DBACE04B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "193F798D-8C54-4539-BC63-11FB753D8556"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D756CF70-F5F5-4D00-B9FD-E77BBF2A5E7C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:francois_suter:devlog:2.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E227EF68-D078-4F77-AAEA-7ADDDEFBBFFB"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:rene_fritz:devlog:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80A3D33A-A63F-45E6-BE01-EDEAEC7084C0"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1C59B0-CDF2-4F9A-88C7-61E8F18590DB"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://typo3.org/extensions/repository/view/devlog/2.9.2/",
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}