CVE-2010-1195 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:N/I:P/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 54%

Vendor	Product	Version
ikiwiki	ikiwiki	2.0
ikiwiki	ikiwiki	2.1
ikiwiki	ikiwiki	2.2
ikiwiki	ikiwiki	2.3
ikiwiki	ikiwiki	2.4
ikiwiki	ikiwiki	2.5
ikiwiki	ikiwiki	2.10
ikiwiki	ikiwiki	2.11
ikiwiki	ikiwiki	2.12
ikiwiki	ikiwiki	2.13
ikiwiki	ikiwiki	2.14
ikiwiki	ikiwiki	2.15
ikiwiki	ikiwiki	2.16
ikiwiki	ikiwiki	2.17
ikiwiki	ikiwiki	2.18
ikiwiki	ikiwiki	2.19
ikiwiki	ikiwiki	2.20
ikiwiki	ikiwiki	2.30
ikiwiki	ikiwiki	2.31
ikiwiki	ikiwiki	2.31.1
ikiwiki	ikiwiki	2.31.2
ikiwiki	ikiwiki	2.31.3
ikiwiki	ikiwiki	2.40
ikiwiki	ikiwiki	2.41
ikiwiki	ikiwiki	2.42
ikiwiki	ikiwiki	2.43
ikiwiki	ikiwiki	2.44
ikiwiki	ikiwiki	2.45
ikiwiki	ikiwiki	2.46
ikiwiki	ikiwiki	2.47
ikiwiki	ikiwiki	2.48
ikiwiki	ikiwiki	2.49
ikiwiki	ikiwiki	2.50
ikiwiki	ikiwiki	2.51
ikiwiki	ikiwiki	2.52
ikiwiki	ikiwiki	2.53
ikiwiki	ikiwiki	3.00
ikiwiki	ikiwiki	3.01
ikiwiki	ikiwiki	3.02
ikiwiki	ikiwiki	3.03
ikiwiki	ikiwiki	3.04
ikiwiki	ikiwiki	3.05
ikiwiki	ikiwiki	3.06
ikiwiki	ikiwiki	3.07
ikiwiki	ikiwiki	3.08
ikiwiki	ikiwiki	3.09
ikiwiki	ikiwiki	3.10
ikiwiki	ikiwiki	3.11
ikiwiki	ikiwiki	3.12
ikiwiki	ikiwiki	3.13
ikiwiki	ikiwiki	3.14
ikiwiki	ikiwiki	3.141
ikiwiki	ikiwiki	3.1415
ikiwiki	ikiwiki	3.14159
ikiwiki	ikiwiki	3.141592
ikiwiki	ikiwiki	3.1415926
ikiwiki	ikiwiki	3.14159265
ikiwiki	ikiwiki	3.20091009
ikiwiki	ikiwiki	3.20091017
ikiwiki	ikiwiki	3.20091022
ikiwiki	ikiwiki	3.20091023
ikiwiki	ikiwiki	3.20091031
ikiwiki	ikiwiki	3.20091113
ikiwiki	ikiwiki	3.20091202
ikiwiki	ikiwiki	3.20091218
ikiwiki	ikiwiki	3.20100102.3
ikiwiki	ikiwiki	3.20100122
ikiwiki	ikiwiki	3.20100212
ikiwiki	ikiwiki	3.20100302

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

ikiwiki

bookworm	3.20200202.3-1 fixed
bullseye	3.20200202.3-1 fixed
sid	3.20200202.4-2.1 fixed
trixie	3.20200202.4-2.1 fixed

Ubuntu Releases

Ubuntu Product

Codename

ikiwiki

cosmic	not-affected
bionic	not-affected
artful	ignored
zesty	ignored
yakkety	ignored
xenial	not-affected
wily	ignored
vivid	ignored
utopic	ignored
trusty	dne
saucy	ignored
raring	ignored
quantal	ignored
precise	ignored
oneiric	ignored
natty	ignored
maverick	ignored
lucid	ignored
karmic	ignored
jaunty	ignored
intrepid	ignored
hardy	ignored
dapper	dne

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://ikiwiki.info/security/#index36h2

http://secunia.com/advisories/38983

http://secunia.com/advisories/39048

http://www.debian.org/security/2010/dsa-2020

http://www.vupen.com/english/advisories/2010/0662

http://ikiwiki.info/security/#index36h2

http://secunia.com/advisories/38983

http://secunia.com/advisories/39048

http://www.debian.org/security/2010/dsa-2020

http://www.vupen.com/english/advisories/2010/0662