3.5

CVE-2011-1401

ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta stylesheet" directive, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences in (1) the default stylesheet or (2) an alternate stylesheet.

Data is provided by the National Vulnerability Database (NVD)
IkiwikiIkiwiki Version <= 3.20110321
IkiwikiIkiwiki Version1.0
IkiwikiIkiwiki Version1.1
IkiwikiIkiwiki Version1.1.47
IkiwikiIkiwiki Version1.2
IkiwikiIkiwiki Version1.3
IkiwikiIkiwiki Version1.4
IkiwikiIkiwiki Version1.5
IkiwikiIkiwiki Version1.6
IkiwikiIkiwiki Version1.7
IkiwikiIkiwiki Version1.8
IkiwikiIkiwiki Version1.9
IkiwikiIkiwiki Version1.10
IkiwikiIkiwiki Version1.11
IkiwikiIkiwiki Version1.12
IkiwikiIkiwiki Version1.13
IkiwikiIkiwiki Version1.14
IkiwikiIkiwiki Version1.15
IkiwikiIkiwiki Version1.16
IkiwikiIkiwiki Version1.17
IkiwikiIkiwiki Version1.18
IkiwikiIkiwiki Version1.19
IkiwikiIkiwiki Version1.20
IkiwikiIkiwiki Version1.21
IkiwikiIkiwiki Version1.22
IkiwikiIkiwiki Version1.23
IkiwikiIkiwiki Version1.24
IkiwikiIkiwiki Version1.25
IkiwikiIkiwiki Version1.26
IkiwikiIkiwiki Version1.27
IkiwikiIkiwiki Version1.28
IkiwikiIkiwiki Version1.29
IkiwikiIkiwiki Version1.30
IkiwikiIkiwiki Version1.31
IkiwikiIkiwiki Version1.32
IkiwikiIkiwiki Version1.33.3
IkiwikiIkiwiki Version1.34
IkiwikiIkiwiki Version1.34.1
IkiwikiIkiwiki Version1.34.2
IkiwikiIkiwiki Version1.35
IkiwikiIkiwiki Version1.36
IkiwikiIkiwiki Version1.37
IkiwikiIkiwiki Version1.38
IkiwikiIkiwiki Version1.39
IkiwikiIkiwiki Version1.40
IkiwikiIkiwiki Version1.41
IkiwikiIkiwiki Version1.42
IkiwikiIkiwiki Version1.43
IkiwikiIkiwiki Version1.44
IkiwikiIkiwiki Version1.45
IkiwikiIkiwiki Version1.46
IkiwikiIkiwiki Version1.47
IkiwikiIkiwiki Version1.48
IkiwikiIkiwiki Version1.49
IkiwikiIkiwiki Version1.50
IkiwikiIkiwiki Version1.51
IkiwikiIkiwiki Version2.0
IkiwikiIkiwiki Version2.00
IkiwikiIkiwiki Version2.1
IkiwikiIkiwiki Version2.2
IkiwikiIkiwiki Version2.3
IkiwikiIkiwiki Version2.4
IkiwikiIkiwiki Version2.5
IkiwikiIkiwiki Version2.6
IkiwikiIkiwiki Version2.6.1
IkiwikiIkiwiki Version2.7
IkiwikiIkiwiki Version2.8
IkiwikiIkiwiki Version2.9
IkiwikiIkiwiki Version2.10
IkiwikiIkiwiki Version2.11
IkiwikiIkiwiki Version2.12
IkiwikiIkiwiki Version2.13
IkiwikiIkiwiki Version2.14
IkiwikiIkiwiki Version2.15
IkiwikiIkiwiki Version2.16
IkiwikiIkiwiki Version2.17
IkiwikiIkiwiki Version2.18
IkiwikiIkiwiki Version2.19
IkiwikiIkiwiki Version2.20
IkiwikiIkiwiki Version2.30
IkiwikiIkiwiki Version2.31
IkiwikiIkiwiki Version2.31.1
IkiwikiIkiwiki Version2.31.2
IkiwikiIkiwiki Version2.31.3
IkiwikiIkiwiki Version2.40
IkiwikiIkiwiki Version2.41
IkiwikiIkiwiki Version2.42
IkiwikiIkiwiki Version2.43
IkiwikiIkiwiki Version2.44
IkiwikiIkiwiki Version2.45
IkiwikiIkiwiki Version2.46
IkiwikiIkiwiki Version2.47
IkiwikiIkiwiki Version2.48
IkiwikiIkiwiki Version2.49
IkiwikiIkiwiki Version2.50
IkiwikiIkiwiki Version2.51
IkiwikiIkiwiki Version2.52
IkiwikiIkiwiki Version2.53
IkiwikiIkiwiki Version2.54
IkiwikiIkiwiki Version2.55
IkiwikiIkiwiki Version2.56
IkiwikiIkiwiki Version2.60
IkiwikiIkiwiki Version2.61
IkiwikiIkiwiki Version2.62
IkiwikiIkiwiki Version2.62.1
IkiwikiIkiwiki Version2.63
IkiwikiIkiwiki Version2.64
IkiwikiIkiwiki Version2.65
IkiwikiIkiwiki Version2.66
IkiwikiIkiwiki Version2.67
IkiwikiIkiwiki Version2.68
IkiwikiIkiwiki Version2.69
IkiwikiIkiwiki Version2.70
IkiwikiIkiwiki Version2.71
IkiwikiIkiwiki Version2.72
IkiwikiIkiwiki Version3.0
IkiwikiIkiwiki Version3.00
IkiwikiIkiwiki Version3.01
IkiwikiIkiwiki Version3.02
IkiwikiIkiwiki Version3.03
IkiwikiIkiwiki Version3.04
IkiwikiIkiwiki Version3.05
IkiwikiIkiwiki Version3.06
IkiwikiIkiwiki Version3.07
IkiwikiIkiwiki Version3.08
IkiwikiIkiwiki Version3.09
IkiwikiIkiwiki Version3.10
IkiwikiIkiwiki Version3.11
IkiwikiIkiwiki Version3.12
IkiwikiIkiwiki Version3.13
IkiwikiIkiwiki Version3.14
IkiwikiIkiwiki Version3.141
IkiwikiIkiwiki Version3.1415
IkiwikiIkiwiki Version3.14159
IkiwikiIkiwiki Version3.141592
IkiwikiIkiwiki Version3.1415926
IkiwikiIkiwiki Version3.14159265
IkiwikiIkiwiki Version3.20091009
IkiwikiIkiwiki Version3.20091017
IkiwikiIkiwiki Version3.20091022
IkiwikiIkiwiki Version3.20091023
IkiwikiIkiwiki Version3.20091031
IkiwikiIkiwiki Version3.20091113
IkiwikiIkiwiki Version3.20091202
IkiwikiIkiwiki Version3.20091218
IkiwikiIkiwiki Version3.20100102.3
IkiwikiIkiwiki Version3.20100122
IkiwikiIkiwiki Version3.20100212
IkiwikiIkiwiki Version3.20100302
IkiwikiIkiwiki Version3.20100312
IkiwikiIkiwiki Version3.20100403
IkiwikiIkiwiki Version3.20100427
IkiwikiIkiwiki Version3.20100501
IkiwikiIkiwiki Version3.20100504
IkiwikiIkiwiki Version3.20100515
IkiwikiIkiwiki Version3.20100518
IkiwikiIkiwiki Version3.20100518.2
IkiwikiIkiwiki Version3.20100610
IkiwikiIkiwiki Version3.20100623
IkiwikiIkiwiki Version3.20100722
IkiwikiIkiwiki Version3.20100804
IkiwikiIkiwiki Version3.20100815
IkiwikiIkiwiki Version3.20100831
IkiwikiIkiwiki Version3.20100926
IkiwikiIkiwiki Version3.20101019
IkiwikiIkiwiki Version3.20101023
IkiwikiIkiwiki Version3.20101112
IkiwikiIkiwiki Version3.20101129
IkiwikiIkiwiki Version3.20101201
IkiwikiIkiwiki Version3.20101231
IkiwikiIkiwiki Version3.20110105
IkiwikiIkiwiki Version3.20110123
IkiwikiIkiwiki Version3.20110124
IkiwikiIkiwiki Version3.20110225
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.39% 0.567
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 3.5 6.8 2.9
AV:N/AC:M/Au:S/C:N/I:P/A:N
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.