CVE-2011-3862

Description

Cross-site scripting (XSS) vulnerability in the Morning Coffee theme before 3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.

Related CPE's

aadazingmorning_coffee3.0*******

aadazingmorning_coffee********

aadazingmorning_coffee2.8*******

aadazingmorning_coffee2.9*******

aadazingmorning_coffee3.4*******

aadazingmorning_coffee3.2*******

aadazingmorning_coffee2.7*******

aadazingmorning_coffee3.1*******

awordpresswordpress********

References

46295

https://sitewat.ch/en/Advisories/20

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:M/Au:N/C:N/I:P/A:N

AccessVector

NETWORK

AccessComplexity

MEDIUM

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

PARTIAL

AvailabilityImpact

NONE

BaseScore

4.300000190734863

Created by Yello
About Severity.io