NVD

Id
23444  
Name
CVE-2015-1058  
Description
Multiple cross-site scripting (XSS) vulnerabilities in AdaptCMS 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) data[Category][title] parameter to admin/categories/add, (2) data[Field][title] parameter to admin/fields/ajax_fields/, (3) name property in a basicInfo JSON object to admin/tools/create_theme, (4) data[Link][link_title] parameter to admin/links/links/add, or (5) data[ForumTopic][subject] parameter to forums/off-topic/new.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2015-01-16  
Modified Date
2015-01-20  
Seq
2015-1058  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
124113 23444 CVE-2015-1058 http://packetstormsecurity.com/files/129812/AdaptCMS-3.0.3-Cross-Site-Scripting.html  View
124114 23444 CVE-2015-1058 35710  View
124115 23444 CVE-2015-1058 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5218.php  View
124116 23444 CVE-2015-1058 adaptcms-multiple-data-xss(99617)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
5738 JVNDB-2015-001058 AdaptCMS におけるクロスサイトスクリプティングの脆弱性 AdaptCMS には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2015-1058 78283 CVE-2015-1058 23444 4.3 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001058.html 2015-01-05 2015-01-21 View