NVD

Id
8602  
Name
CVE-2011-1714  
Description
Cross-site scripting (XSS) vulnerability in framework/source/resource/qx/test/jsonp_primitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to inject arbitrary web script or HTML via the callback parameter.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2011-04-18  
Modified Date
2011-04-18  
Seq
2011-1714  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
49610 8602 CVE-2011-1714 http://blog.eyeos.org/en/2011/04/07/about-some-eyeos-security-issues/  View
49611 8602 CVE-2011-1714 http://www.autosectools.com/Advisories/eyeOS.2.3_Reflected.Cross-site.Scripting_172.html  View
49612 8602 CVE-2011-1714 17127  View
49613 8602 CVE-2011-1714 47184  View
49614 8602 CVE-2011-1714 eyeos-jsonpprimitive-xss(66574)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
34268 JVNDB-2011-004510 eyeOS などの製品で使用される QooxDoo におけるクロスサイトスクリプティングの脆弱性 eyeOS などの製品で使用される QooxDoo の framework/source/resource/qx/test/jsonp_primitive.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2011-1714 49621 CVE-2011-1714 8602 4.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004510.html 2011-04-18 2012-03-27 View