Vulnerability Details CVE-2011-3610
A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.8%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://git.schokokeks.org/freewvs.git/blob/ddc4be296c9c49987b53be064d6d2a9d12f50452/freewvsdb/plugins.freewvs
- https://packetstormsecurity.com/files/105054/Secunia-Security-Advisory-46005.html
- https://www.openwall.com/lists/oss-security/2011/10/10/3
- https://git.schokokeks.org/freewvs.git/blob/ddc4be296c9c49987b53be064d6d2a9d12f50452/freewvsdb/plugins.freewvs
- https://packetstormsecurity.com/files/105054/Secunia-Security-Advisory-46005.html
- https://www.openwall.com/lists/oss-security/2011/10/10/3
Products affected by CVE-2011-3610
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.103
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.105
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.41
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.42
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.43
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.44
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.45
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.47
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.48
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.5
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.51
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.64
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.70
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.88
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.95
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.96
-
cpe:2.3:a:s9y:serendipity_event_freetag:2.97
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.0
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.01
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.03
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.04
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.05
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.06
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.07
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.08
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.09
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.10
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.10.2
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.10.3
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.10.4
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.10.5
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.11
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.11.0
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.12.1
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.13
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.14
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.15
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.16
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.17
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.18
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.20
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.21
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.22
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.23
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.24
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.25
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.26
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.27
-
cpe:2.3:a:s9y:serendipity_event_freetag:3.28