{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-28T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in macIpSpoofView.html in Dell SonicWall SonicOS 7.5.0.12 and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) searchSpoof or (2) searchSpoofIpDet parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20150428 SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2015/Apr/97"}, {"name": "20150428 SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/535393/100/0/threaded"}, {"name": "74406", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/74406"}, {"tags": ["x_refsource_MISC"], "url": "http://www.vulnerability-lab.com/get_content.php?id=1359"}, {"name": "1032204", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032204"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-3447", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in macIpSpoofView.html in Dell SonicWall SonicOS 7.5.0.12 and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) searchSpoof or (2) searchSpoofIpDet parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20150428 SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Apr/97"}, {"name": "20150428 SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/535393/100/0/threaded"}, {"name": "74406", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74406"}, {"name": "http://www.vulnerability-lab.com/get_content.php?id=1359", "refsource": "MISC", "url": "http://www.vulnerability-lab.com/get_content.php?id=1359"}, {"name": "1032204", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032204"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:47:57.656Z"}, "title": "CVE Program Container", "references": [{"name": "20150428 SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2015/Apr/97"}, {"name": "20150428 SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/535393/100/0/threaded"}, {"name": "74406", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/74406"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.vulnerability-lab.com/get_content.php?id=1359"}, {"name": "1032204", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1032204"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-3447", "datePublished": "2015-04-29T20:00:00", "dateReserved": "2015-04-29T00:00:00", "dateUpdated": "2024-08-06T05:47:57.656Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDA9DDC6-4F00-4655-BA39-3C2A0677DF74", "versionEndIncluding": "6.2.2.0", "versionStartIncluding": "6.0.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:7.5.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "E2E4FF4F-8F73-40B6-A3A9-24990E70438F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in macIpSpoofView.html in Dell SonicWall SonicOS 7.5.0.12 and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) searchSpoof or (2) searchSpoofIpDet parameter."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de XSS en macIpSpoofView.html en Dell SonicWall SonicOS 7.5.0.12 y 6.x permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s del par\u00e1metro (1) searchSpoof o (2) searchSpoofIpDet."}], "id": "CVE-2015-3447", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2015-04-29T20:59:04.623", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2015/Apr/97"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/535393/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/74406"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032204"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "http://www.vulnerability-lab.com/get_content.php?id=1359"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2015/Apr/97"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/535393/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/74406"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032204"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "http://www.vulnerability-lab.com/get_content.php?id=1359"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}