CVE-2010-4275

{"id": "CVE-2010-4275", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-12-22T03:00:03.140", "references": [{"url": "http://secunia.com/advisories/42364", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/15766", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/45481", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64199", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to admin.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Radius Manager v3.8.0 permite a administradores autenticados remotamente inyectar c\u00f3digo web o HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro (1) nombre o (2) descr en (a) una acci\u00f3n update_usergroup o(b) store_nas en admin.php."}], "lastModified": "2017-08-17T01:33:09.400", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dmasoftlab:radius_manager:3.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDCA523E-B814-49CF-94B9-717BF1CAF4F0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}