var-201511-0054
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to inject arbitrary web script or HTML via the pwd parameter. Multiple models of ARRIS cable modems contain multiple, deterministically generated backdoor passwords, as well as multiple cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities. Arris DG860A, TG862A and TG862G are modem products of the American Arris Group. A cross-site scripting vulnerability 2. A cross-site request-forgery vulnerability 3. Multiple security-bypass vulnerabilities An attacker can exploit these issues to bypass security restrictions and perform unauthorized actions, execute attacker-supplied HTML or JavaScript code in the context of the affected site or to steal cookie-based authentication credentials. This may aid in further attacks. The following products and versions are affected: Arris DG860A, TG862A, TG862G using firmware versions TS0703128_100611 to TS0705125D_031115
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201511-0054",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "na model 862 gw mono",
"scope": "eq",
"trust": 1.6,
"vendor": "arris",
"version": "ts0703135_112211"
},
{
"model": "na model 862 gw mono",
"scope": "eq",
"trust": 1.6,
"vendor": "arris",
"version": "ts0705125d_031115"
},
{
"model": "na model 862 gw mono",
"scope": "eq",
"trust": 1.6,
"vendor": "arris",
"version": "ts070593c_073013"
},
{
"model": "na model 862 gw mono",
"scope": "eq",
"trust": 1.6,
"vendor": "arris",
"version": "ts0705125_062314"
},
{
"model": "na model 862 gw mono",
"scope": "eq",
"trust": 1.6,
"vendor": "arris",
"version": "ts0703128_100611"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arris",
"version": null
},
{
"model": "dg860a",
"scope": null,
"trust": 0.8,
"vendor": "arris group",
"version": null
},
{
"model": "na.model 862.gw.mono",
"scope": "eq",
"trust": 0.8,
"vendor": "arris group",
"version": "ts0703128_100611 to ts0705125d_031115"
},
{
"model": "tg862a",
"scope": null,
"trust": 0.8,
"vendor": "arris group",
"version": null
},
{
"model": "tg862g",
"scope": null,
"trust": 0.8,
"vendor": "arris group",
"version": null
},
{
"model": "dg860a ts0703128 100611 to ts0705125d 031115",
"scope": null,
"trust": 0.6,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts0703128 100611 to ts0705125d 031115",
"scope": null,
"trust": 0.6,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts0703128 100611 to ts0705125d 031115",
"scope": null,
"trust": 0.6,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts070593c 073013 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts0705125d 031115 na",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts0705125 062314 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts0703135 112211 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts0703128 100611 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts070593c 073013 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts0705125d 031115 na",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts0705125 062314 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts0703135 112211 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts0703128 100611 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "dg860a ts070593c 073013 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "dg860a ts0705125d 031115 na",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "dg860a ts0705125 062314 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "dg860a ts0703135 112211 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "dg860a ts0703128 100611 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#419568"
},
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "BID",
"id": "77674"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:arris:dg860a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:arris:na_model_862_gw_mono_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:arris:tg862a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:arris:tg862g",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bernardo Rodrigues",
"sources": [
{
"db": "BID",
"id": "77674"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7290",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7290",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-07831",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-85251",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7290",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7290",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07831",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-383",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85251",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "VULHUB",
"id": "VHN-85251"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to inject arbitrary web script or HTML via the pwd parameter. Multiple models of ARRIS cable modems contain multiple, deterministically generated backdoor passwords, as well as multiple cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities. Arris DG860A, TG862A and TG862G are modem products of the American Arris Group. A cross-site scripting vulnerability\n2. A cross-site request-forgery vulnerability\n3. Multiple security-bypass vulnerabilities\nAn attacker can exploit these issues to bypass security restrictions and perform unauthorized actions, execute attacker-supplied HTML or JavaScript code in the context of the affected site or to steal cookie-based authentication credentials. This may aid in further attacks. The following products and versions are affected: Arris DG860A, TG862A, TG862G using firmware versions TS0703128_100611 to TS0705125D_031115",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7290"
},
{
"db": "CERT/CC",
"id": "VU#419568"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "BID",
"id": "77674"
},
{
"db": "VULHUB",
"id": "VHN-85251"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#419568",
"trust": 4.2
},
{
"db": "NVD",
"id": "CVE-2015-7290",
"trust": 3.4
},
{
"db": "EXPLOIT-DB",
"id": "29131",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90662356",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-07831",
"trust": 0.6
},
{
"db": "BID",
"id": "77674",
"trust": 0.3
},
{
"db": "SEEBUG",
"id": "SSVID-89955",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-85251",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#419568"
},
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "VULHUB",
"id": "VHN-85251"
},
{
"db": "BID",
"id": "77674"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"id": "VAR-201511-0054",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "VULHUB",
"id": "VHN-85251"
}
],
"trust": 1.4555555666666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07831"
}
]
},
"last_update_date": "2024-11-23T22:13:22.364000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.arris.com/"
},
{
"title": "TG862G/CT",
"trust": 0.8,
"url": "http://arris.force.com/consumers/ConsumerProductDetail?p=a0ha000000GOZ3yAAH\u0026c=Touchstone%20Modems%20and%20Gateways"
},
{
"title": "Patches for multiple Arris device cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/67320"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85251"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.kb.cert.org/vuls/id/419568"
},
{
"trust": 0.8,
"url": "https://w00tsec.blogspot.com/2015/11/arris-cable-modem-has-backdoor-in.html"
},
{
"trust": 0.8,
"url": "https://github.com/borfast/arrispwgen"
},
{
"trust": 0.8,
"url": "https://www.shodan.io/search?query=arris+port%3a%2223%22"
},
{
"trust": 0.8,
"url": "https://www.shodan.io/search?query=ssh-2.0-arris_0.50"
},
{
"trust": 0.8,
"url": "https://www.shodan.io/search?query=net-dk"
},
{
"trust": 0.8,
"url": "http://www.theregister.co.uk/2015/11/20/arris_modem_backdoor/"
},
{
"trust": 0.8,
"url": "http://www.cert.br/docs/palestras/certbr-tcfirst2015.pdf"
},
{
"trust": 0.8,
"url": "https://www.exploit-db.com/exploits/29131/"
},
{
"trust": 0.8,
"url": "http://docsis.org/node/1575"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/255.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/259.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/80.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/352.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7290"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90662356/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7290"
},
{
"trust": 0.3,
"url": "http://www.arrisi.com/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#419568"
},
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "VULHUB",
"id": "VHN-85251"
},
{
"db": "BID",
"id": "77674"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#419568"
},
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "VULHUB",
"id": "VHN-85251"
},
{
"db": "BID",
"id": "77674"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-20T00:00:00",
"db": "CERT/CC",
"id": "VU#419568"
},
{
"date": "2015-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"date": "2015-11-21T00:00:00",
"db": "VULHUB",
"id": "VHN-85251"
},
{
"date": "2015-11-20T00:00:00",
"db": "BID",
"id": "77674"
},
{
"date": "2015-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"date": "2015-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"date": "2015-11-21T11:59:18.247000",
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-23T00:00:00",
"db": "CERT/CC",
"id": "VU#419568"
},
{
"date": "2015-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"date": "2015-11-23T00:00:00",
"db": "VULHUB",
"id": "VHN-85251"
},
{
"date": "2015-11-20T00:00:00",
"db": "BID",
"id": "77674"
},
{
"date": "2015-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"date": "2015-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"date": "2024-11-21T02:36:31.413000",
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ARRIS cable modems generate passwords deterministically and contain XSS and CSRF vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#419568"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.