CVE-2011-4024

EUVD-2011-3977
Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Affected Products (NVD)
VendorProductVersion
ocsinventory-ngocs_inventory_ng
𝑥
≤ 2.0.1
ocsinventory-ngocs_inventory_ng
1.0
ocsinventory-ngocs_inventory_ng
1.0:beta
ocsinventory-ngocs_inventory_ng
1.0:rc1
ocsinventory-ngocs_inventory_ng
1.0:rc2
ocsinventory-ngocs_inventory_ng
1.0:rc3
ocsinventory-ngocs_inventory_ng
1.0:rc3-1
ocsinventory-ngocs_inventory_ng
1.01
ocsinventory-ngocs_inventory_ng
1.02
ocsinventory-ngocs_inventory_ng
1.02:rc1
ocsinventory-ngocs_inventory_ng
1.02:rc2
ocsinventory-ngocs_inventory_ng
1.02:rc3
ocsinventory-ngocs_inventory_ng
1.02.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ocsinventory-server
bookworm
2.8.1+dfsg1+~2.11.1-1
fixed
bullseye
2.8.1+dfsg1-1+deb11u1
fixed
sid
2.8.1+dfsg1+~2.11.1-1
fixed
trixie
2.8.1+dfsg1+~2.11.1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ocsinventory-server
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
precise
not-affected
quantal
ignored
raring
ignored
saucy
ignored
trusty
dne
utopic
ignored
vivid
ignored
wily
ignored
xenial
not-affected
yakkety
not-affected
Common Weakness Enumeration
References
http://osvdb.org/76135
http://secunia.com/advisories/46311
http://securityreason.com/securityalert/8477
http://www.exploit-db.com/exploits/18005
http://www.mandriva.com/security/advisories?name=MDVSA-2012:053
http://www.ocsinventory-ng.org/fr/accueil/nouvelles/version-2-0-2-stable.html
http://www.securityfocus.com/bid/50011
https://exchange.xforce.ibmcloud.com/vulnerabilities/70406
http://osvdb.org/76135
http://secunia.com/advisories/46311
http://securityreason.com/securityalert/8477
http://www.exploit-db.com/exploits/18005
http://www.mandriva.com/security/advisories?name=MDVSA-2012:053
http://www.ocsinventory-ng.org/fr/accueil/nouvelles/version-2-0-2-stable.html
http://www.securityfocus.com/bid/50011
https://exchange.xforce.ibmcloud.com/vulnerabilities/70406