fkie_nvd - fkie_cve-2011-1689

fkie_cve-2011-1689

Vulnerability from fkie_nvd

Published

2011-04-22 10:55

Modified

2025-04-11 00:51

Severity ?

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://blog.bestpractical.com/2011/04/security-vulnerabilities-in-rt.html
cve@mitre.org	http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000187.html	Patch
cve@mitre.org	http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000188.html	Patch
cve@mitre.org	http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000189.html	Patch
cve@mitre.org	http://secunia.com/advisories/44189	Vendor Advisory
cve@mitre.org	http://www.debian.org/security/2011/dsa-2220
cve@mitre.org	http://www.securityfocus.com/bid/47383
cve@mitre.org	http://www.vupen.com/english/advisories/2011/1071
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=696795	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/66796
af854a3a-2127-422b-91ae-364da2661108	http://blog.bestpractical.com/2011/04/security-vulnerabilities-in-rt.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000187.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000188.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000189.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44189	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2220
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/47383
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/1071
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=696795	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/66796

Impacted products

Vendor	Product	Version
bestpractical	rt	2.0.0
bestpractical	rt	2.0.1
bestpractical	rt	2.0.2
bestpractical	rt	2.0.3
bestpractical	rt	2.0.4
bestpractical	rt	2.0.5
bestpractical	rt	2.0.5.1
bestpractical	rt	2.0.5.3
bestpractical	rt	2.0.6
bestpractical	rt	2.0.7
bestpractical	rt	2.0.8
bestpractical	rt	2.0.8.2
bestpractical	rt	2.0.9
bestpractical	rt	2.0.11
bestpractical	rt	2.0.12
bestpractical	rt	2.0.13
bestpractical	rt	2.0.14
bestpractical	rt	2.0.15
bestpractical	rt	3.0.0
bestpractical	rt	3.0.1
bestpractical	rt	3.0.2
bestpractical	rt	3.0.3
bestpractical	rt	3.0.4
bestpractical	rt	3.0.5
bestpractical	rt	3.0.6
bestpractical	rt	3.0.7
bestpractical	rt	3.0.7.1
bestpractical	rt	3.0.8
bestpractical	rt	3.0.9
bestpractical	rt	3.0.10
bestpractical	rt	3.0.11
bestpractical	rt	3.0.12
bestpractical	rt	3.2.0
bestpractical	rt	3.2.1
bestpractical	rt	3.2.2
bestpractical	rt	3.2.3
bestpractical	rt	3.4.0
bestpractical	rt	3.4.1
bestpractical	rt	3.4.2
bestpractical	rt	3.4.3
bestpractical	rt	3.4.4
bestpractical	rt	3.4.5
bestpractical	rt	3.4.6
bestpractical	rt	3.6.0
bestpractical	rt	3.6.1
bestpractical	rt	3.6.2
bestpractical	rt	3.6.3
bestpractical	rt	3.6.4
bestpractical	rt	3.6.5
bestpractical	rt	3.6.6
bestpractical	rt	3.6.7
bestpractical	rt	3.6.8
bestpractical	rt	3.6.9
bestpractical	rt	3.6.10
bestpractical	rt	3.8.0
bestpractical	rt	3.8.1
bestpractical	rt	3.8.2
bestpractical	rt	3.8.3
bestpractical	rt	3.8.4
bestpractical	rt	3.8.5
bestpractical	rt	3.8.6
bestpractical	rt	3.8.6
bestpractical	rt	3.8.7
bestpractical	rt	3.8.7
bestpractical	rt	3.8.8
bestpractical	rt	3.8.8
bestpractical	rt	3.8.8
bestpractical	rt	3.8.8
bestpractical	rt	3.8.9
bestpractical	rt	3.8.9
bestpractical	rt	3.8.9
bestpractical	rt	3.8.9
bestpractical	rt	4.0.0
bestpractical	rt	4.0.0
bestpractical	rt	4.0.0
bestpractical	rt	4.0.0
bestpractical	rt	4.0.0
bestpractical	rt	4.0.0
bestpractical	rt	4.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B558A64D-2E06-416C-85F5-AAFFD18096D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3A24FF7-A1B0-4998-A0F8-6E5D70901299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01659AA-9146-4238-9FEE-70D345D31094",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EA74674-D04E-4458-ADF0-C733E9592B05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F4ACD97-35AD-4E23-83FC-E39016936EFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF589DDB-4348-4A55-9468-DBB5F03C82F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C59D941-22C2-41A7-B9BA-4CBDA3E71F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB507C08-D3CC-4AC8-9BAC-EED9FD09E1D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A50288EA-2628-47D7-9F25-EE514B9083F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "91868A78-C6C7-4C03-95B3-755816F8C663",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4B4383B-20C5-4620-8107-255AD3D45D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "09A128B7-AA70-49DD-A20E-B9BB7D23A4EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "88EFA7E0-C472-4E93-8E38-98DFCCD37EEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6381E7-1C01-4239-A02F-C6DB5D775F7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "4120F4E4-E4EB-434C-9764-370102198554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1CA0866-CC49-4956-9493-849069B4485B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "565B7E66-BD96-419A-8EC2-FE971BDC47A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:2.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAC1443B-50C8-4E98-9900-CACFEA5AD00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F451959A-5305-4210-977B-6B396BC0A4F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA418CF5-49D6-4E0E-A1B5-8CB23752989D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E238F87-8D8C-4E62-A8F0-3DB9EFDB8328",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FD8A7EF-5DB8-40C6-9124-A97A23B3EA02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD553B8-8495-47E5-A543-4DC963B3511A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "28ADB191-4787-4FDB-B70A-F4C8BDF0F4B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2772389A-9BCD-4B13-88C8-75BC64E40AF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1F9D05F-C86D-40D8-A7D9-5448918B72DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "311485DA-5381-4EAD-AF58-B8C67373413A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EAF6671-8C77-448B-BF29-E2CF51176CC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B55D762D-A723-435C-8D80-F7230F1648D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC63EDC-541E-445D-8B72-799E4184B7EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5E6196E-4A90-4F64-BA99-A8E04A09D5ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7CE86-3FCD-472E-BF01-31FFB36701BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70B3F0B2-8C70-4046-AAA0-FBD344FE4DBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD0173D-F699-4864-8856-D1792BDA0F84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "19CC2E53-5DE8-4A31-9B8A-79335DFBAFEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "404AFC5C-20B4-41E5-ACDE-56626D68AFEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F37D1380-965B-40E0-8A20-61FEA072B8D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E101B0FE-499F-44D8-8B68-BB7FEE40D2B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "747D8CD1-EE12-48A4-A795-88BC66A8DA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FDE201D-F31A-4738-B9AB-7BB11417990E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D6ED4EC-F860-47BD-B699-551FB5DBF039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3398823-1813-4D7B-9EC9-74222A240051",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F98B7895-BDB3-477C-8B34-88BD3E02EAFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1512169D-DCEF-4964-B05A-3DF19CDE8F57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B427F5D4-ACD6-46E5-B94F-CA30330C6492",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B38C33-D680-4285-A849-E6CDA9F4802F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "646CFD82-15FE-48E4-83C9-E3E037E9F928",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "57404A14-6E1C-4F3B-8120-75F1073A3E18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F40ED56-CDAC-40BB-A026-5D6A09DCB72C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C325D9-CB88-430F-B1AE-3544C7176398",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1E86D15-8435-46B9-88FF-8A51771C55E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "543C8E63-9A49-4D6A-899A-7D244D0CCC17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "00AFB893-E37A-4E81-A984-66D677161D80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "312703C9-7145-4599-8B2C-6EF7BC060A07",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C503726A-4AAB-4444-A204-7F53A6369919",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B93F59-E22F-47E0-A5EA-D5716E9EAB48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BF01543-2929-4ADA-BD74-ABE00BF066BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "562E9782-259B-42C6-BC3E-C452799A78FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4D2E2C8-15E8-45E4-9DBF-6CF2BEB30576",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E4D117A-92C0-4884-A3E6-F6FCC8B89458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED14B5B-A9DE-46A4-8996-F6DC75B5DCD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.6:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D237F862-E8D5-4D82-9CDC-A8A84D2DE665",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "84FB5217-7650-4BB2-A0AB-BAB6A362CFD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.7:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B306ECCE-8095-48E7-A523-05F6B2AF686E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4BF6295-E0EF-44B8-A694-348EF39371BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B6FBA787-90EE-4148-804C-F4F6021D5177",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "9035493E-C9BA-4DDE-914A-E14CB072E745",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "19E636D2-525B-4B27-A9E1-16BC0088C8AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "546F1582-B85F-4D4F-840C-6257F1DE05E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "F9040C7B-9080-4B57-885D-9275B9623E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "7B927C5E-EAC2-4032-905A-BBCE66693958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "D8DB6F17-FF2F-4DCA-A8D1-C3E0D42ACCAB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "9E220C7C-D32C-4ED1-A056-074576B7B504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "57A903C6-3C9F-47A0-92F7-D5272B2622AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "67EBD0AE-1A91-4690-8A07-0FB7342768FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "A1217A3C-2302-4E3B-BF35-4B16271A6FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "A72E5649-26E5-47DE-9CB4-019FEC8AF13E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "51E06E3C-4504-4325-BD89-9102315858C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc7:*:*:*:*:*:*",
              "matchCriteriaId": "8A1286FE-DB7C-48B1-82A9-A23C82984A21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de  secuencias de comandos en sitios cruzados (XSS) en Best Practical Solutions RT v2.0.0 hasta v3.6.10, v3.8.0 hasta v3.8.9, y v4.0.0rc hasta 4.0.0rc7, permite a atacantes remotos inyectar script de su elecci\u00f3n o HTML a trav\u00e9s desconocidos.\r\n"
    }
  ],
  "id": "CVE-2011-1689",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-04-22T10:55:02.487",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://blog.bestpractical.com/2011/04/security-vulnerabilities-in-rt.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000187.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000188.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000189.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44189"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2011/dsa-2220"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/47383"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2011/1071"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=696795"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66796"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blog.bestpractical.com/2011/04/security-vulnerabilities-in-rt.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000187.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000188.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000189.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47383"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/1071"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=696795"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66796"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2011-1689 (GCVE-0-2011-1689)

Vulnerability from cvelistv5

Published

2011-04-22 10:00

Modified

2024-08-06 22:37