Vulnerability Details CVE-2011-5019
Cross-site scripting (XSS) vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 83.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://archives.neohapsis.com/archives/bugtraq/2012-01/0018.html
- http://www.securityfocus.com/bid/51254
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72102
- http://archives.neohapsis.com/archives/bugtraq/2012-01/0018.html
- http://www.securityfocus.com/bid/51254
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72102
Products affected by CVE-2011-5019
-
cpe:2.3:a:textpattern:textpattern:4.4.1