CVE-2010-2080

{"id": "CVE-2010-2080", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-09-20T21:00:01.923", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", "source": "cve@mitre.org"}, {"url": "http://otrs.org/advisory/OSA-2010-02-en/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/41381", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://security-tracker.debian.org/tracker/CVE-2010-2080", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/43264", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61868", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Open Ticket Request System (OTRS) v2.3.x anteriores a v2.3.6 y v2.4.x anteriores a v2.4.8, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no espec\u00edficos."}], "lastModified": "2017-08-17T01:32:36.617", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:otrs:otrs:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55F536B9-11F6-4F3F-9293-25D23F987C9E"}, {"criteria": "cpe:2.3:a:otrs:otrs:2.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD6DF09D-A8D8-4C77-A4C9-46BD570C2CE1"}, {"criteria": "cpe:2.3:a:otrs:otrs:2.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7ECE7F6-7A82-420C-A440-522331667B43"}, {"criteria": "cpe:2.3:a:otrs:otrs:2.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C66917F-135E-464E-916F-FD6B5A701E65"}, {"criteria": "cpe:2.3:a:otrs:otrs:2.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0002581-086A-4CB7-9408-8FA52BD03D28"}, {"criteria": "cpe:2.3:a:otrs:otrs:2.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "724A9C40-AE96-4AD5-BEB2-6C496F4C361D"}, {"criteria": "cpe:2.3:a:otrs:otrs:2.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AA5A554-016E-4CFB-A809-991B6902C3FA"}, {"criteria": "cpe:2.3:a:otrs:otrs:2.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3821A8EF-ED18-49DD-BF52-DFDD982E35C6"}, {"criteria": "cpe:2.3:a:otrs:otrs:2.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B41C77DB-BC99-4C50-BD86-FECB44ACF0A8"}, {"criteria": "cpe:2.3:a:otrs:otrs:2.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9D7CBCB-F4B8-4ACC-86C8-E45358F48697"}, {"criteria": "cpe:2.3:a:otrs:otrs:2.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB4EAE42-96BD-4B25-BFCC-6CFBF08F339C"}, {"criteria": "cpe:2.3:a:otrs:otrs:2.4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A07A35A7-55A5-4E78-98F8-38B1F3D4DA72"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}