CVE-2017-20097

{"id": "CVE-2017-20097", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.5, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2022-06-24T07:15:07.490", "references": [{"url": "http://seclists.org/fulldisclosure/2017/Feb/78", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?id.97370", "tags": ["Third Party Advisory"], "source": "cna@vuldb.com"}, {"url": "http://seclists.org/fulldisclosure/2017/Feb/78", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://vuldb.com/?id.97370", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cna@vuldb.com", "description": [{"lang": "en", "value": "CWE-80"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in WP-Filebase Download Manager Plugin 3.4.4. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad en el plugin WP-Filebase Download Manager versi\u00f3n 3.4.4. Se ha calificado como problem\u00e1tica. Este problema afecta a una funcionalidad desconocida. La manipulaci\u00f3n conlleva a un ataque de tipo cross site scripting b\u00e1sico. El ataque puede ser lanzado remotamente"}], "lastModified": "2024-11-21T03:22:37.587", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wp-filebase_download_manager_project:wp-filebase_download_manager:3.4.4:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "D05F4C44-0827-459C-A98F-38BBAB6EB892"}], "operator": "OR"}]}], "sourceIdentifier": "cna@vuldb.com"}