CVE-2008-3730

{"id": "CVE-2008-3730", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2008-08-20T16:41:00.000", "references": [{"url": "http://osvdb.org/47558", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/31543", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.nordicwind.ca/noah/bugs/inputval.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/30747", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44535", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Nordicwind Document Management System (NOAH) before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Nordicwind Document Management System (NOAH) anterior a 3.2.2, permite a atacantes remotos inyectar secuencias de comandos Web o HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados."}], "lastModified": "2017-08-08T01:32:07.310", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nordicwind:noah:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2F1CBC7-E6C8-4362-910C-F0241ECB0B10", "versionEndIncluding": "3.2.1"}, {"criteria": "cpe:2.3:a:nordicwind:noah:1.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85B722F8-86E7-4167-A0F6-4C47D031D3D1"}, {"criteria": "cpe:2.3:a:nordicwind:noah:1.5.0b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "069E8791-CB9B-4561-9A44-E6436FCC7455"}, {"criteria": "cpe:2.3:a:nordicwind:noah:1.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C969E818-F310-48A4-BCE5-D25D80DF6EA6"}, {"criteria": "cpe:2.3:a:nordicwind:noah:1.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83E0EE8C-3A85-46F6-B514-0D17B18E87D4"}, {"criteria": "cpe:2.3:a:nordicwind:noah:1.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB68C485-CD65-4A7D-8870-786F344DA198"}, {"criteria": "cpe:2.3:a:nordicwind:noah:1.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BFBB5C0-6C00-4134-BD70-C4096F29FF66"}, {"criteria": "cpe:2.3:a:nordicwind:noah:1.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DAFCB7F-B5DE-45B1-9A68-9DC76B799923"}, {"criteria": "cpe:2.3:a:nordicwind:noah:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A36D93C3-3A99-4C65-B8CD-9D6289118988"}, {"criteria": "cpe:2.3:a:nordicwind:noah:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "179BA060-71CA-4093-ABEF-9F99DA44D2A1"}, {"criteria": "cpe:2.3:a:nordicwind:noah:2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94193B07-3D89-47EB-92D0-60570DC13BA0"}, {"criteria": "cpe:2.3:a:nordicwind:noah:2.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE44810A-703F-4432-8261-A95AA6CBAA03"}, {"criteria": "cpe:2.3:a:nordicwind:noah:2.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2767D0D4-11B8-4847-B6F6-038881455714"}, {"criteria": "cpe:2.3:a:nordicwind:noah:2.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77AB71B7-8295-4580-846F-A59159EAAC59"}, {"criteria": "cpe:2.3:a:nordicwind:noah:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4F5D2C4-E4AD-4F04-99B0-4ABC8F992ADE"}, {"criteria": "cpe:2.3:a:nordicwind:noah:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "205EAB96-D71E-47FA-A194-3D97B99CA0D5"}, {"criteria": "cpe:2.3:a:nordicwind:noah:3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A9DFEF4-A828-4B22-A903-08111A4C99D3"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC455378-BDCC-4602-86B6-D6687AE66C1B", "versionEndIncluding": "3.2.1"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2539F691-6B92-40A6-B26C-AA059CF825C8"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.0b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB57C4CD-359B-49ED-9E89-27088694F030"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFF058FC-90D8-4E08-BAEA-E7635CBD3582"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E95E72B6-E43E-4707-8F04-29476A11B520"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F7C9417-BFF5-41DE-B328-A1F2E8375B83"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBF67F28-92D9-4689-B25E-343BA927397D"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:1.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "233330E5-2DED-4CB1-9653-E5CFA5C7E364"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "920417C4-BA54-4182-ACFF-3C1EE743A5FB"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8251B1F0-47B4-446E-9A13-C1EAF2CD74EA"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22DEA5BE-1102-4729-9E1F-6E5B39CC1BE7"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A39C66C3-3267-4875-9040-CA7AC04F7874"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB6B9D61-C8AA-4F36-9769-374CED49C83D"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43A85963-8CBC-4AC9-8F8A-C5D9F7FF3816"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E4B95AA-F5FC-4B93-B517-144D376C0822"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20CB2E5F-B247-4531-BCA4-E9A4B52DABA2"}, {"criteria": "cpe:2.3:a:nordicwind:nordicwind_document_management_system:3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61C42D81-7E18-47BF-9E03-AB402AF20F6F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}