CVE-2013-6047 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:N/I:P/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 51%

Vendor	Product	Version
ikiwiki_hosting_project	ikiwiki_hosting	𝑥 ≤ 0.20130926
ikiwiki_hosting_project	ikiwiki_hosting	0.20110401
ikiwiki_hosting_project	ikiwiki_hosting	0.20110420
ikiwiki_hosting_project	ikiwiki_hosting	0.20110424
ikiwiki_hosting_project	ikiwiki_hosting	0.20110515
ikiwiki_hosting_project	ikiwiki_hosting	0.20110608
ikiwiki_hosting_project	ikiwiki_hosting	0.20110926
ikiwiki_hosting_project	ikiwiki_hosting	0.20111005
ikiwiki_hosting_project	ikiwiki_hosting	0.20120125
ikiwiki_hosting_project	ikiwiki_hosting	0.20120131
ikiwiki_hosting_project	ikiwiki_hosting	0.20120425
ikiwiki_hosting_project	ikiwiki_hosting	0.20120526
ikiwiki_hosting_project	ikiwiki_hosting	0.20120527
ikiwiki_hosting_project	ikiwiki_hosting	0.20130504

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

ikiwiki-hosting

bullseye	0.20180719-2 fixed
wheezy	no-dsa
bookworm	0.20220716-2 fixed
sid	0.20220717-1 fixed
trixie	0.20220717-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

ikiwiki-hosting

zesty	not-affected
yakkety	not-affected
xenial	not-affected
wily	not-affected
vivid	not-affected
utopic	not-affected
trusty	dne
saucy	ignored
raring	ignored
quantal	ignored
precise	ignored
lucid	dne

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://osvdb.org/99012

http://packages.qa.debian.org/i/ikiwiki-hosting/news/20131025T224825Z.html

http://seclists.org/oss-sec/2013/q4/180

https://exchange.xforce.ibmcloud.com/vulnerabilities/88334

http://osvdb.org/99012

http://packages.qa.debian.org/i/ikiwiki-hosting/news/20131025T224825Z.html

http://seclists.org/oss-sec/2013/q4/180

https://exchange.xforce.ibmcloud.com/vulnerabilities/88334