{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-06-14T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "48364", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/48364"}, {"name": "FEDORA-2011-8816", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062389.html"}, {"name": "dokuwiki-rss-xss(68122)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68122"}, {"name": "45009", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/45009"}, {"name": "GLSA-201301-07", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201301-07.xml"}, {"tags": ["x_refsource_MISC"], "url": "http://www.dokuwiki.org/changes"}, {"name": "[oss-security] 20110629 Re: CVE Request -- DokuWiki -- XSS in DokuWiki's RSS embedding mechanism", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/06/29/13"}, {"name": "FEDORA-2011-8831", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062380.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=717146"}, {"tags": ["x_refsource_MISC"], "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2011-AVI-366/CERTA-2011-AVI-366.html"}, {"name": "DSA-2320", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2320"}, {"name": "[dokuwiki] 20110614 Hotfix Release \"2011-05-25a Rincewind\"", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.freelists.org/post/dokuwiki/Hotfix-Release-20110525a-Rincewind"}, {"name": "[oss-security] 20110628 CVE Request -- DokuWiki -- XSS in DokuWiki's RSS embedding mechanism", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/5"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631818"}, {"name": "45190", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/45190"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:00:34.239Z"}, "title": "CVE Program Container", "references": [{"name": "48364", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/48364"}, {"name": "FEDORA-2011-8816", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062389.html"}, {"name": "dokuwiki-rss-xss(68122)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68122"}, {"name": "45009", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/45009"}, {"name": "GLSA-201301-07", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201301-07.xml"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.dokuwiki.org/changes"}, {"name": "[oss-security] 20110629 Re: CVE Request -- DokuWiki -- XSS in DokuWiki's RSS embedding mechanism", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/06/29/13"}, {"name": "FEDORA-2011-8831", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062380.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=717146"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2011-AVI-366/CERTA-2011-AVI-366.html"}, {"name": "DSA-2320", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2011/dsa-2320"}, {"name": "[dokuwiki] 20110614 Hotfix Release \"2011-05-25a Rincewind\"", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.freelists.org/post/dokuwiki/Hotfix-Release-20110525a-Rincewind"}, {"name": "[oss-security] 20110628 CVE Request -- DokuWiki -- XSS in DokuWiki's RSS embedding mechanism", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/5"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631818"}, {"name": "45190", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/45190"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2510", "datePublished": "2011-07-14T23:00:00", "dateReserved": "2011-06-15T00:00:00", "dateUpdated": "2024-08-06T23:00:34.239Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:*", "matchCriteriaId": "0361554F-C459-4932-90EE-7AC8BA61BF34", "versionEndIncluding": "2010-11-07a", "vulnerable": true}, {"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2005-07-01:*:*:*:*:*:*:*", "matchCriteriaId": "AB2A5412-2F05-4F07-A082-2F57A0BEC50C", "vulnerable": true}, {"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2005-07-13:*:*:*:*:*:*:*", "matchCriteriaId": "558BE818-E004-4F21-B49E-BD2FB6227C78", "vulnerable": true}, {"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2005-09-19:*:*:*:*:*:*:*", "matchCriteriaId": "3434315F-BA84-418A-B76F-1B631451DCD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2005-09-22:*:*:*:*:*:*:*", "matchCriteriaId": "5120DDA0-C1A0-4B7E-ACE8-EDB09391491A", "vulnerable": true}, {"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2006-03-05:*:*:*:*:*:*:*", "matchCriteriaId": "A75E526E-7BEB-4246-9865-DA46FEC6E66E", "vulnerable": true}, {"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2006-03-09:*:*:*:*:*:*:*", "matchCriteriaId": "E29643D4-0746-435A-97B3-608BB831339F", "vulnerable": true}, {"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2006-11-06:*:*:*:*:*:*:*", "matchCriteriaId": "86B05C3B-F637-441A-AB74-CB47215589F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2007-06-26:*:*:*:*:*:*:*", "matchCriteriaId": "64D85DB6-8B5F-4301-AA4A-1BA0EBBD00A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2008-05-05:*:*:*:*:*:*:*", "matchCriteriaId": "2DD1CD46-269E-4D2C-9C41-CCCBA8F84BCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2009-02-14b:*:*:*:*:*:*:*", "matchCriteriaId": "06B2EED0-5322-400C-A724-ACD15B281050", "vulnerable": true}, {"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2009-12-25c:*:*:*:*:*:*:*", "matchCriteriaId": "ED3FF52A-EDE9-468E-BADA-659F90049264", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en la funcionalidad RSS dentro de DokuWiki anterior a v2011-05-25a Rincewind permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de un link."}], "id": "CVE-2011-2510", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-07-14T23:55:05.630", "references": [{"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631818"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062380.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062389.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/45009"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/45190"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201301-07.xml"}, {"source": "secalert@redhat.com", "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2011-AVI-366/CERTA-2011-AVI-366.html"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2011/dsa-2320"}, {"source": "secalert@redhat.com", "url": "http://www.dokuwiki.org/changes"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.freelists.org/post/dokuwiki/Hotfix-Release-20110525a-Rincewind"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/5"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.openwall.com/lists/oss-security/2011/06/29/13"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/48364"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=717146"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68122"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631818"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062380.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062389.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/45009"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/45190"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201301-07.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2011-AVI-366/CERTA-2011-AVI-366.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2011/dsa-2320"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.dokuwiki.org/changes"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.freelists.org/post/dokuwiki/Hotfix-Release-20110525a-Rincewind"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.openwall.com/lists/oss-security/2011/06/28/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.openwall.com/lists/oss-security/2011/06/29/13"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/48364"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=717146"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68122"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}