daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Auto Generated CVE annotations [Tue Jun 7 21:01:47 UTC 2022] 🤖

patch-1
GitHub Action 2022-06-07 21:01:47 +00:00
parent d2bf3e0569
commit 3c5e130346
33 changed files with 36 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cves/2002/CVE-2002-1131.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/21811 - https://www.exploit-db.com/exploits/21811
- https://web.archive.org/web/20051124131714/http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html - https://web.archive.org/web/20051124131714/http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
- http://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/ - http://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
classification: classification:
cve-id: CVE-2002-1131 cve-id: CVE-2002-1131
tags: xss,squirrelmail,cve,cve2002 tags: xss,squirrelmail,cve,cve2002

1
cves/2005/CVE-2005-4385.yaml
View File

@ -9,6 +9,7 @@ info:
- http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html - http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html
- https://nvd.nist.gov/vuln/detail/CVE-2005-4385 - https://nvd.nist.gov/vuln/detail/CVE-2005-4385
- http://web.archive.org/web/20210121165100/https://www.securityfocus.com/bid/15940/ - http://web.archive.org/web/20210121165100/https://www.securityfocus.com/bid/15940/
- http://www.securityfocus.com/bid/15940
classification: classification:
cve-id: CVE-2005-4385 cve-id: CVE-2005-4385
tags: cofax,xss,cve,cve2005 tags: cofax,xss,cve,cve2005

1
cves/2006/CVE-2006-1681.yaml
View File

@ -9,7 +9,6 @@ info:
- http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/ - http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/
- https://nvd.nist.gov/vuln/detail/CVE-2006-1681 - https://nvd.nist.gov/vuln/detail/CVE-2006-1681
- http://secunia.com/advisories/19587 - http://secunia.com/advisories/19587
- http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/
classification: classification:
cve-id: CVE-2006-1681 cve-id: CVE-2006-1681
tags: cherokee,httpd,xss,cve,cve2006 tags: cherokee,httpd,xss,cve,cve2006

1
cves/2007/CVE-2007-0885.yaml
View File

@ -9,6 +9,7 @@ info:
- http://web.archive.org/web/20201208220614/https://www.securityfocus.com/archive/1/459590/100/0/threaded - http://web.archive.org/web/20201208220614/https://www.securityfocus.com/archive/1/459590/100/0/threaded
- https://web.archive.org/web/20210119080228/http://www.securityfocus.com/bid/22503 - https://web.archive.org/web/20210119080228/http://www.securityfocus.com/bid/22503
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32418 - https://exchange.xforce.ibmcloud.com/vulnerabilities/32418
- http://www.securityfocus.com/bid/22503
classification: classification:
cve-id: CVE-2007-0885 cve-id: CVE-2007-0885
tags: cve,cve2007,jira,xss tags: cve,cve2007,jira,xss

1
cves/2009/CVE-2009-1496.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/8367 - https://www.exploit-db.com/exploits/8367
- https://www.cvedetails.com/cve/CVE-2009-1496 - https://www.cvedetails.com/cve/CVE-2009-1496
- http://web.archive.org/web/20210121190149/https://www.securityfocus.com/bid/34431/ - http://web.archive.org/web/20210121190149/https://www.securityfocus.com/bid/34431/
- http://www.securityfocus.com/bid/34431
classification: classification:
cve-id: CVE-2009-1496 cve-id: CVE-2009-1496
tags: cve,cve2009,joomla,lfi tags: cve,cve2009,joomla,lfi

1
cves/2009/CVE-2009-2100.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/8946 - https://www.exploit-db.com/exploits/8946
- https://www.cvedetails.com/cve/CVE-2009-2100 - https://www.cvedetails.com/cve/CVE-2009-2100
- http://web.archive.org/web/20210121191226/https://www.securityfocus.com/bid/35378/ - http://web.archive.org/web/20210121191226/https://www.securityfocus.com/bid/35378/
- http://www.securityfocus.com/bid/35378
classification: classification:
cve-id: CVE-2009-2100 cve-id: CVE-2009-2100
tags: cve,cve2009,joomla,lfi tags: cve,cve2009,joomla,lfi

1
cves/2009/CVE-2009-3318.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/9706 - https://www.exploit-db.com/exploits/9706
- https://www.cvedetails.com/cve/CVE-2009-3318 - https://www.cvedetails.com/cve/CVE-2009-3318
- https://web.archive.org/web/20210121192413/https://www.securityfocus.com/bid/36441/ - https://web.archive.org/web/20210121192413/https://www.securityfocus.com/bid/36441/
- http://www.securityfocus.com/bid/36441
classification: classification:
cve-id: CVE-2009-3318 cve-id: CVE-2009-3318
tags: cve,cve2009,joomla,lfi tags: cve,cve2009,joomla,lfi

1
cves/2010/CVE-2010-0985.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/10948 - https://www.exploit-db.com/exploits/10948
- https://www.cvedetails.com/cve/CVE-2010-0985 - https://www.cvedetails.com/cve/CVE-2010-0985
- http://web.archive.org/web/20210623092041/https://www.securityfocus.com/bid/37560 - http://web.archive.org/web/20210623092041/https://www.securityfocus.com/bid/37560
- http://www.securityfocus.com/bid/37560
remediation: Apply all relevant security patches and product upgrades. remediation: Apply all relevant security patches and product upgrades.
classification: classification:
cve-id: CVE-2010-0985 cve-id: CVE-2010-0985

1
cves/2010/CVE-2010-1081.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/11511 - https://www.exploit-db.com/exploits/11511
- https://www.cvedetails.com/cve/CVE-2010-1081 - https://www.cvedetails.com/cve/CVE-2010-1081
- http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html - http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html
- http://osvdb.org/62506
remediation: Apply all relevant security patches and product upgrades. remediation: Apply all relevant security patches and product upgrades.
classification: classification:
cve-id: CVE-2010-1081 cve-id: CVE-2010-1081

1
cves/2010/CVE-2010-1304.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/11998 - https://www.exploit-db.com/exploits/11998
- https://www.cvedetails.com/cve/CVE-2010-1304 - https://www.cvedetails.com/cve/CVE-2010-1304
- http://web.archive.org/web/20210518080735/https://www.securityfocus.com/bid/39174 - http://web.archive.org/web/20210518080735/https://www.securityfocus.com/bid/39174
- http://www.securityfocus.com/bid/39174
remediation: Upgrade to a supported version. remediation: Upgrade to a supported version.
classification: classification:
cve-id: CVE-2010-1304 cve-id: CVE-2010-1304

1
cves/2010/CVE-2010-1313.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/12082 - https://www.exploit-db.com/exploits/12082
- https://www.cvedetails.com/cve/CVE-2010-1313 - https://www.cvedetails.com/cve/CVE-2010-1313
- http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/ - http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/
- http://www.securityfocus.com/bid/39237
remediation: Upgrade to a supported version. remediation: Upgrade to a supported version.
classification: classification:
cve-id: CVE-2010-1313 cve-id: CVE-2010-1313

1
cves/2010/CVE-2010-1461.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/12232 - https://www.exploit-db.com/exploits/12232
- https://www.cvedetails.com/cve/CVE-2010-1461 - https://www.cvedetails.com/cve/CVE-2010-1461
- http://web.archive.org/web/20210518110953/https://www.securityfocus.com/bid/39504 - http://web.archive.org/web/20210518110953/https://www.securityfocus.com/bid/39504
- http://www.securityfocus.com/bid/39504
remediation: Upgrade to a supported version. remediation: Upgrade to a supported version.
classification: classification:
cve-id: CVE-2010-1461 cve-id: CVE-2010-1461

1
cves/2010/CVE-2010-1715.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/12174 - https://www.exploit-db.com/exploits/12174
- https://www.cvedetails.com/cve/CVE-2010-1715 - https://www.cvedetails.com/cve/CVE-2010-1715
- http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt - http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt
- http://www.osvdb.org/63659
classification: classification:
cve-id: CVE-2010-1715 cve-id: CVE-2010-1715
tags: cve,cve2010,joomla,lfi tags: cve,cve2010,joomla,lfi

1
cves/2010/CVE-2010-2307.yaml
View File

@ -9,6 +9,7 @@ info:
- http://web.archive.org/web/20210120195654/https://www.securityfocus.com/bid/40550/info - http://web.archive.org/web/20210120195654/https://www.securityfocus.com/bid/40550/info
- https://nvd.nist.gov/vuln/detail/CVE-2010-2307 - https://nvd.nist.gov/vuln/detail/CVE-2010-2307
- https://www.exploit-db.com/exploits/12865 - https://www.exploit-db.com/exploits/12865
- http://www.osvdb.org/65249
remediation: Upgrade to a supported product version. remediation: Upgrade to a supported product version.
classification: classification:
cve-id: CVE-2010-2307 cve-id: CVE-2010-2307

1
cves/2010/CVE-2010-2507.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/13981 - https://www.exploit-db.com/exploits/13981
- https://www.cvedetails.com/cve/CVE-2010-2507 - https://www.cvedetails.com/cve/CVE-2010-2507
- http://secunia.com/advisories/40297 - http://secunia.com/advisories/40297
- http://osvdb.org/65674
remediation: Upgrade to a supported version. remediation: Upgrade to a supported version.
classification: classification:
cve-id: CVE-2010-2507 cve-id: CVE-2010-2507

1
cves/2011/CVE-2011-1669.yaml
View File

@ -9,6 +9,7 @@ info:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1669 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1669
- https://www.exploit-db.com/exploits/17119 - https://www.exploit-db.com/exploits/17119
- http://web.archive.org/web/20210121212348/https://www.securityfocus.com/bid/47146/ - http://web.archive.org/web/20210121212348/https://www.securityfocus.com/bid/47146/
- http://www.securityfocus.com/bid/47146
remediation: Upgrade to a supported version. remediation: Upgrade to a supported version.
classification: classification:
cve-id: CVE-2011-1669 cve-id: CVE-2011-1669

2
cves/2011/CVE-2011-2780.yaml
View File

@ -15,9 +15,9 @@ info:
- http://securityreason.com/securityalert/8312 - http://securityreason.com/securityalert/8312
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68565 - https://exchange.xforce.ibmcloud.com/vulnerabilities/68565
- http://web.archive.org/web/20201207104106/https://www.securityfocus.com/archive/1/518890/100/0/threaded - http://web.archive.org/web/20201207104106/https://www.securityfocus.com/archive/1/518890/100/0/threaded
remediation: Upgrade to a supported version.
classification: classification:
cve-id: CVE-2011-2780 cve-id: CVE-2011-2780
remediation: Upgrade to a supported version.
tags: cve,cve2011,lfi,chyrp tags: cve,cve2011,lfi,chyrp
requests: requests:

3
cves/2011/CVE-2011-4336.yaml
View File

@ -9,12 +9,13 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2011-4336 - https://nvd.nist.gov/vuln/detail/CVE-2011-4336
- http://web.archive.org/web/20210328232945/https://www.securityfocus.com/bid/48806/info - http://web.archive.org/web/20210328232945/https://www.securityfocus.com/bid/48806/info
- https://seclists.org/bugtraq/2011/Nov/140 - https://seclists.org/bugtraq/2011/Nov/140
- https://www.securityfocus.com/bid/48806/info
remediation: Upgrade to a supported version.
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1 cvss-score: 6.1
cve-id: CVE-2011-4336 cve-id: CVE-2011-4336
cwe-id: CWE-79 cwe-id: CWE-79
remediation: Upgrade to a supported version.
tags: cve,cve2011,xss,tikiwiki tags: cve,cve2011,xss,tikiwiki
requests: requests:

1
cves/2011/CVE-2011-4618.yaml
View File

@ -9,6 +9,7 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2011-4618 - https://nvd.nist.gov/vuln/detail/CVE-2011-4618
- http://web.archive.org/web/20210121070605/https://www.securityfocus.com/archive/1/520589 - http://web.archive.org/web/20210121070605/https://www.securityfocus.com/archive/1/520589
- http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities - http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities
- http://www.securityfocus.com/archive/1/520589
remediation: Upgrade to a supported version. remediation: Upgrade to a supported version.
classification: classification:
cve-id: CVE-2011-4618 cve-id: CVE-2011-4618

1
cves/2011/CVE-2011-4624.yaml
View File

@ -9,6 +9,7 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2011-4624 - https://nvd.nist.gov/vuln/detail/CVE-2011-4624
- http://www.openwall.com/lists/oss-security/2011/12/23/2 - http://www.openwall.com/lists/oss-security/2011/12/23/2
- http://plugins.trac.wordpress.org/changeset/469785 - http://plugins.trac.wordpress.org/changeset/469785
- http://archives.neohapsis.com/archives/bugtraq/2011-12/0180.html
remediation: Upgrade to a supported version. remediation: Upgrade to a supported version.
classification: classification:
cve-id: CVE-2011-4624 cve-id: CVE-2011-4624

1
cves/2011/CVE-2011-5181.yaml
View File

@ -9,6 +9,7 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2011-5181 - https://nvd.nist.gov/vuln/detail/CVE-2011-5181
- http://web.archive.org/web/20210123155244/https://www.securityfocus.com/bid/50778/ - http://web.archive.org/web/20210123155244/https://www.securityfocus.com/bid/50778/
- http://wordpress.org/extend/plugins/clickdesk-live-support-chat-plugin/changelog/ - http://wordpress.org/extend/plugins/clickdesk-live-support-chat-plugin/changelog/
- http://www.securityfocus.com/bid/50778
classification: classification:
cve-id: CVE-2011-5181 cve-id: CVE-2011-5181
tags: cve,cve2011,wordpress,xss,wp-plugin tags: cve,cve2011,wordpress,xss,wp-plugin

2
cves/2011/CVE-2011-5265.yaml
View File

@ -8,6 +8,8 @@ info:
reference: reference:
- https://nvd.nist.gov/vuln/detail/CVE-2011-5265 - https://nvd.nist.gov/vuln/detail/CVE-2011-5265
- http://web.archive.org/web/20210123103000/https://www.securityfocus.com/bid/50779/ - http://web.archive.org/web/20210123103000/https://www.securityfocus.com/bid/50779/
- http://osvdb.org/77337
- http://www.securityfocus.com/bid/50779
classification: classification:
cve-id: CVE-2011-5265 cve-id: CVE-2011-5265
tags: cve,cve2011,wordpress,xss,wp-plugin tags: cve,cve2011,wordpress,xss,wp-plugin

1
cves/2012/CVE-2012-0991.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/36650 - https://www.exploit-db.com/exploits/36650
- https://www.cvedetails.com/cve/CVE-2012-0991 - https://www.cvedetails.com/cve/CVE-2012-0991
- http://web.archive.org/web/20210121221715/https://www.securityfocus.com/bid/51788/ - http://web.archive.org/web/20210121221715/https://www.securityfocus.com/bid/51788/
- http://osvdb.org/78729
classification: classification:
cve-id: CVE-2012-0991 cve-id: CVE-2012-0991
tags: cve,cve2012,lfi,openemr,traversal tags: cve,cve2012,lfi,openemr,traversal

2
cves/2012/CVE-2012-4253.yaml
View File

@ -8,6 +8,8 @@ info:
reference: reference:
- https://www.exploit-db.com/exploits/37129 - https://www.exploit-db.com/exploits/37129
- https://www.cvedetails.com/cve/CVE-2012-4253 - https://www.cvedetails.com/cve/CVE-2012-4253
- http://www.osvdb.org/81609
- http://www.osvdb.org/81615
classification: classification:
cve-id: CVE-2012-4253 cve-id: CVE-2012-4253
tags: cve,cve2012,lfi tags: cve,cve2012,lfi

2
cves/2012/CVE-2012-4889.yaml
View File

@ -8,6 +8,8 @@ info:
reference: reference:
- http://web.archive.org/web/20210121082432/https://www.securityfocus.com/bid/52841/info - http://web.archive.org/web/20210121082432/https://www.securityfocus.com/bid/52841/info
- https://nvd.nist.gov/vuln/detail/CVE-2012-4889 - https://nvd.nist.gov/vuln/detail/CVE-2012-4889
- http://osvdb.org/80873
- http://osvdb.org/80872
classification: classification:
cve-id: CVE-2012-4889 cve-id: CVE-2012-4889
tags: cve,cve2012,xss,manageengine tags: cve,cve2012,xss,manageengine

1
cves/2013/CVE-2013-2287.yaml
View File

@ -8,6 +8,7 @@ info:
reference: reference:
- https://nvd.nist.gov/vuln/detail/CVE-2013-2287 - https://nvd.nist.gov/vuln/detail/CVE-2013-2287
- https://www.dognaedis.com/vulns/DGS-SEC-16.html - https://www.dognaedis.com/vulns/DGS-SEC-16.html
- http://osvdb.org/90840
classification: classification:
cve-id: CVE-2013-2287 cve-id: CVE-2013-2287
tags: cve,cve2013,wordpress,xss,wp-plugin tags: cve,cve2013,wordpress,xss,wp-plugin

1
cves/2013/CVE-2013-4625.yaml
View File

@ -9,6 +9,7 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2013-4625 - https://nvd.nist.gov/vuln/detail/CVE-2013-4625
- https://packetstormsecurity.com/files/122535/WordPress-Duplicator-0.4.4-Cross-Site-Scripting.html - https://packetstormsecurity.com/files/122535/WordPress-Duplicator-0.4.4-Cross-Site-Scripting.html
- https://seclists.org/bugtraq/2013/Jul/160 - https://seclists.org/bugtraq/2013/Jul/160
- http://osvdb.org/95627
remediation: Upgrade to Duplicator 0.4.5 or later. remediation: Upgrade to Duplicator 0.4.5 or later.
classification: classification:
cve-id: CVE-2013-4625 cve-id: CVE-2013-4625

1
cves/2013/CVE-2013-7091.yaml
View File

@ -9,6 +9,7 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2013-7091 - https://nvd.nist.gov/vuln/detail/CVE-2013-7091
- https://www.exploit-db.com/exploits/30085 - https://www.exploit-db.com/exploits/30085
- https://www.exploit-db.com/exploits/30472 - https://www.exploit-db.com/exploits/30472
- http://osvdb.org/100747
classification: classification:
cve-id: CVE-2013-7091 cve-id: CVE-2013-7091
tags: cve,cve2013,zimbra,lfi tags: cve,cve2013,zimbra,lfi

1
cves/2014/CVE-2014-10037.yaml
View File

@ -9,6 +9,7 @@ info:
- https://www.exploit-db.com/exploits/30865 - https://www.exploit-db.com/exploits/30865
- https://www.cvedetails.com/cve/CVE-2014-10037 - https://www.cvedetails.com/cve/CVE-2014-10037
- https://nvd.nist.gov/vuln/detail/CVE-2014-10037 - https://nvd.nist.gov/vuln/detail/CVE-2014-10037
- http://osvdb.org/show/osvdb/102204
classification: classification:
cve-id: CVE-2014-10037 cve-id: CVE-2014-10037
tags: cve,cve2014,lfi tags: cve,cve2014,lfi

2
cves/2017/CVE-2017-11512.yaml
View File

@ -18,7 +18,7 @@ info:
cwe-id: CWE-22 cwe-id: CWE-22
metadata: metadata:
shodan-query: http.title:"ManageEngine" shodan-query: http.title:"ManageEngine"
verified: true verified: "true"
tags: cve,cve2017,manageengine,lfr,unauth tags: cve,cve2017,manageengine,lfr,unauth
requests: requests:

1
cves/2018/CVE-2018-19439.yaml
View File

@ -9,6 +9,7 @@ info:
- http://web.archive.org/web/20210124221313/https://www.securityfocus.com/bid/106006/ - http://web.archive.org/web/20210124221313/https://www.securityfocus.com/bid/106006/
- http://seclists.org/fulldisclosure/2018/Nov/58 - http://seclists.org/fulldisclosure/2018/Nov/58
- http://packetstormsecurity.com/files/150444/Oracle-Secure-Global-Desktop-Administration-Console-4.4-Cross-Site-Scripting.html - http://packetstormsecurity.com/files/150444/Oracle-Secure-Global-Desktop-Administration-Console-4.4-Cross-Site-Scripting.html
- http://www.securityfocus.com/bid/106006
classification: classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1 cvss-score: 6.1

5
cves/2018/CVE-2018-2791.yaml
View File

@ -4,10 +4,7 @@ info:
name: Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting name: Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting
author: madrobot,leovalcante author: madrobot,leovalcante
severity: high severity: high
description: The Oracle WebCenter Sites component of Oracle Fusion Middleware is susceptible to multiple instances of cross-site scripting that could allow unauthenticated attackers with network access via HTTP description: The Oracle WebCenter Sites component of Oracle Fusion Middleware is susceptible to multiple instances of cross-site scripting that could allow unauthenticated attackers with network access via HTTP to compromise Oracle WebCenter Sites. Impacted versions that are affected are 11.1.1.8.0, 12.2.1.2.0 and 12.2.1.3.0. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data as well as unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data.
to compromise Oracle WebCenter Sites. Impacted versions that are affected are 11.1.1.8.0, 12.2.1.2.0 and 12.2.1.3.0. Successful attacks require human interaction from a person other than the attacker and while
the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access
to all Oracle WebCenter Sites accessible data as well as unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data.
reference: reference:
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html - http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- http://www.securitytracker.com/id/1040695 - http://www.securitytracker.com/id/1040695

1
cves/2019/CVE-2019-8442.yaml
View File

@ -8,6 +8,7 @@ info:
reference: reference:
- https://jira.atlassian.com/browse/JRASERVER-69241 - https://jira.atlassian.com/browse/JRASERVER-69241
- http://web.archive.org/web/20210125215006/https://www.securityfocus.com/bid/108460/ - http://web.archive.org/web/20210125215006/https://www.securityfocus.com/bid/108460/
- http://www.securityfocus.com/bid/108460
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5 cvss-score: 7.5