CVE-2010-1195 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:N/I:P/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 54%

Affected Products (NVD)

Vendor	Product	Version
ikiwiki	ikiwiki	2.0
ikiwiki	ikiwiki	2.1
ikiwiki	ikiwiki	2.2
ikiwiki	ikiwiki	2.3
ikiwiki	ikiwiki	2.4
ikiwiki	ikiwiki	2.5
ikiwiki	ikiwiki	2.10
ikiwiki	ikiwiki	2.11
ikiwiki	ikiwiki	2.12
ikiwiki	ikiwiki	2.13
ikiwiki	ikiwiki	2.14
ikiwiki	ikiwiki	2.15
ikiwiki	ikiwiki	2.16
ikiwiki	ikiwiki	2.17
ikiwiki	ikiwiki	2.18
ikiwiki	ikiwiki	2.19
ikiwiki	ikiwiki	2.20
ikiwiki	ikiwiki	2.30
ikiwiki	ikiwiki	2.31
ikiwiki	ikiwiki	2.31.1
ikiwiki	ikiwiki	2.31.2
ikiwiki	ikiwiki	2.31.3
ikiwiki	ikiwiki	2.40
ikiwiki	ikiwiki	2.41
ikiwiki	ikiwiki	2.42
ikiwiki	ikiwiki	2.43
ikiwiki	ikiwiki	2.44
ikiwiki	ikiwiki	2.45
ikiwiki	ikiwiki	2.46
ikiwiki	ikiwiki	2.47
ikiwiki	ikiwiki	2.48
ikiwiki	ikiwiki	2.49
ikiwiki	ikiwiki	2.50
ikiwiki	ikiwiki	2.51
ikiwiki	ikiwiki	2.52
ikiwiki	ikiwiki	2.53
ikiwiki	ikiwiki	3.00
ikiwiki	ikiwiki	3.01
ikiwiki	ikiwiki	3.02
ikiwiki	ikiwiki	3.03
ikiwiki	ikiwiki	3.04
ikiwiki	ikiwiki	3.05
ikiwiki	ikiwiki	3.06
ikiwiki	ikiwiki	3.07
ikiwiki	ikiwiki	3.08
ikiwiki	ikiwiki	3.09
ikiwiki	ikiwiki	3.10
ikiwiki	ikiwiki	3.11
ikiwiki	ikiwiki	3.12
ikiwiki	ikiwiki	3.13
ikiwiki	ikiwiki	3.14
ikiwiki	ikiwiki	3.141
ikiwiki	ikiwiki	3.1415
ikiwiki	ikiwiki	3.14159
ikiwiki	ikiwiki	3.141592
ikiwiki	ikiwiki	3.1415926
ikiwiki	ikiwiki	3.14159265
ikiwiki	ikiwiki	3.20091009
ikiwiki	ikiwiki	3.20091017
ikiwiki	ikiwiki	3.20091022
ikiwiki	ikiwiki	3.20091023
ikiwiki	ikiwiki	3.20091031
ikiwiki	ikiwiki	3.20091113
ikiwiki	ikiwiki	3.20091202
ikiwiki	ikiwiki	3.20091218
ikiwiki	ikiwiki	3.20100102.3
ikiwiki	ikiwiki	3.20100122
ikiwiki	ikiwiki	3.20100212
ikiwiki	ikiwiki	3.20100302

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

ikiwiki

bookworm	3.20200202.3-1 fixed
bullseye	3.20200202.3-1 fixed
sid	3.20200202.4-2.1 fixed
trixie	3.20200202.4-2.1 fixed

Ubuntu Releases

Ubuntu Product

Codename

ikiwiki

artful	ignored
bionic	not-affected
cosmic	not-affected
dapper	dne
hardy	ignored
intrepid	ignored
jaunty	ignored
karmic	ignored
lucid	ignored
maverick	ignored
natty	ignored
oneiric	ignored
precise	ignored
quantal	ignored
raring	ignored
saucy	ignored
trusty	dne
utopic	ignored
vivid	ignored
wily	ignored
xenial	not-affected
yakkety	ignored
zesty	ignored

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://ikiwiki.info/security/#index36h2

http://secunia.com/advisories/38983

http://secunia.com/advisories/39048

http://www.debian.org/security/2010/dsa-2020

http://www.vupen.com/english/advisories/2010/0662

http://ikiwiki.info/security/#index36h2

http://secunia.com/advisories/38983

http://secunia.com/advisories/39048

http://www.debian.org/security/2010/dsa-2020

http://www.vupen.com/english/advisories/2010/0662