CVE-2011-3862
Description
Cross-site scripting (XSS) vulnerability in the Morning Coffee theme before 3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
Related CPE's
CvssV3 impact
Could not find any metrics
CvssV2 impact
Version | 2.0 |
VectorString | AV:N/AC:M/Au:N/C:N/I:P/A:N |
AccessVector | NETWORK |
AccessComplexity | MEDIUM |
Authentication | NONE |
ConfidentialityImpact | NONE |
IntegrityImpact | PARTIAL |
AvailabilityImpact | NONE |
BaseScore | 4.300000190734863 |