CVE-2011-5081

UNKNOWN

Cross-site scripting (XSS) vulnerability in RestoreFile

Published Feb 18, 2012

Modified 1 years ago

Details

Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC 3.1.0, 3.2.1, and possibly other earlier versions allows remote attackers to inject arbitrary web script or HTML via the share parameter in a RestoreFile action to index.cgi.

References

WEB

http://seclists.org/bugtraq/2011/Apr/266

ADVISORY

http://secunia.com/advisories/44385

WEB

http://www.osvdb.org/72055

WEB

https://exchange.xforce.ibmcloud.com/vulnerabilities/67170

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2011-5081

WEB

https://www.htbridge.ch/advisory/multiple_xss_vulnerabilities_in_backuppc.html

CVSS Analysis

CVSS v2.0

4.3

Exploitability

Access Vector

NetworkAV:N

Access Complexity

MediumAC:M

Authentication

NoneAu:N

Impact

Confidentiality

NoneC:N

Integrity

PartialI:P

Availability

NoneA:N

4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N

Ecosystems

Timeline

PublishedFeb 18, 2012

ModifiedAug 7, 2024