ByteOS Network

NVD Vulnerability Details :

CVE-2011-5018

Modified

More Info Official Page

Source-cve@mitre.org

Published At-08 Jan, 2020 | 23:15

Updated At-07 Nov, 2023 | 02:09

Koala Framework before 2011-11-21 has XSS via the request_uri parameter.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	6.1	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N

Type: Primary

Version: 3.1

Base score: 6.1

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Type: Primary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:N/I:P/A:N

CPE Matches

koala-framework>>koala_framework>>Versions before 2011-11-21(exclusive)

cpe:2.3:a:koala-framework:koala_framework:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-79	Primary	nvd@nist.gov

CWE ID: CWE-79

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.cloudscan.me/2011/12/cve-2011-5018-koala-framework-xss.html	cve@mitre.org	Exploit Third Party Advisory
https://github.com/koala-framework/koala-framework/commit/59f81ea6bd8ef96c04a706a3ca453cd656284faa	cve@mitre.org	Patch Third Party Advisory
https://groups.google.com/forum/#%21topic/koala-framework-dev/wgHDD7N7qhk	cve@mitre.org	N/A

Hyperlink: http://www.cloudscan.me/2011/12/cve-2011-5018-koala-framework-xss.html

Source: cve@mitre.org

Resource:

Exploit

Third Party Advisory

Hyperlink: https://github.com/koala-framework/koala-framework/commit/59f81ea6bd8ef96c04a706a3ca453cd656284faa

Source: cve@mitre.org

Resource:

Patch

Third Party Advisory

Hyperlink: https://groups.google.com/forum/#%21topic/koala-framework-dev/wgHDD7N7qhk

Source: cve@mitre.org

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History