VDB-238155 · CVE-2016-15035 · GCVE-100-238155

Doc2k RE-Chat 1.0 re_chat.js କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ

Rakkoon nageenyaa kan ସମସ୍ୟାଜନକ jedhamuun beekamu Doc2k RE-Chat 1.0 keessatti argameera. Kan miidhamte is hojii hin beekamne faayilii js_on_radio-emergency.de_/re_chat.js keessa. Hojii jijjiirraa gara କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-79 geessa. Dadhabbii kana yeroo 04/04/2016 maxxanfameera akka bd17d497ddd3bab4ef9c6831c747c37cc016c570. Odeeffannoon kun buufachuuf github.com irratti qoodameera. Dogoggorri kun akka CVE-2016-15035tti beekama. Yaaliin weeraraa fageenya irraa jalqabamuu ni danda'a. Faayidaaleen teeknikaa ni jiru. Meeshaa balaa kana fayyadamuuf hin jiru. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ଅପରିଭାଷିତ jedhamee ibsameera. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. Beekamtii paachii kanaa bd17d497ddd3bab4ef9c6831c747c37cc016c570 dha. Sirreeffamni rakkoo github.com irratti buufachuuf jira. Paachii fe'uun rakkoo kana furuuf ni gorfama. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

3 ଆଡାପ୍ଟେସନ୍ · 74 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 08/26/2023 10:05 PM	ଅଦ୍ୟତନ 1/2 09/20/2023 04:49 PM	ଅଦ୍ୟତନ 2/2 09/20/2023 04:57 PM
software_vendor	Doc2k	Doc2k	Doc2k
software_name	RE-Chat	RE-Chat	RE-Chat
software_version	1.0	1.0	1.0
software_file	js_on_radio-emergency.de_/re_chat.js	js_on_radio-emergency.de_/re_chat.js	js_on_radio-emergency.de_/re_chat.js
vulnerability_cwe	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)
vulnerability_risk	1	1	1
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_ui	R	R	R
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	N	N	N
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
advisory_date	1459720800 (04/04/2016)	1459720800 (04/04/2016)	1459720800 (04/04/2016)
advisory_identifier	bd17d497ddd3bab4ef9c6831c747c37cc016c570	bd17d497ddd3bab4ef9c6831c747c37cc016c570	bd17d497ddd3bab4ef9c6831c747c37cc016c570
advisory_url	https://github.com/Doc2k/re-chat/commit/bd17d497ddd3bab4ef9c6831c747c37cc016c570	https://github.com/Doc2k/re-chat/commit/bd17d497ddd3bab4ef9c6831c747c37cc016c570	https://github.com/Doc2k/re-chat/commit/bd17d497ddd3bab4ef9c6831c747c37cc016c570
countermeasure_name	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍	ପ୍ୟାଚ୍
countermeasure_date	1459720800 (04/04/2016)	1459720800 (04/04/2016)	1459720800 (04/04/2016)
patch_name	bd17d497ddd3bab4ef9c6831c747c37cc016c570	bd17d497ddd3bab4ef9c6831c747c37cc016c570	bd17d497ddd3bab4ef9c6831c747c37cc016c570
countermeasure_patch_url	https://github.com/Doc2k/re-chat/commit/bd17d497ddd3bab4ef9c6831c747c37cc016c570	https://github.com/Doc2k/re-chat/commit/bd17d497ddd3bab4ef9c6831c747c37cc016c570	https://github.com/Doc2k/re-chat/commit/bd17d497ddd3bab4ef9c6831c747c37cc016c570
countermeasure_advisoryquote	Erweiterte Ausgabevalidierung für die normalen Chatfunktionen. Siehe https://www.owasp.org/index.php/XSS	Erweiterte Ausgabevalidierung für die normalen Chatfunktionen. Siehe https://www.owasp.org/index.php/XSS	Erweiterte Ausgabevalidierung für die normalen Chatfunktionen. Siehe https://www.owasp.org/index.php/XSS
source_cve	CVE-2016-15035	CVE-2016-15035	CVE-2016-15035
cna_responsible	VulDB	VulDB	VulDB
software_type	Chat Software	Chat Software	Chat Software
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	N	N	N
cvss2_vuldb_rc	C	C	C
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_au	S	S	S
cvss2_vuldb_e	ND	ND	ND
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_e	X	X	X
cvss2_vuldb_basescore	4.0	4.0	4.0
cvss2_vuldb_tempscore	3.5	3.5	3.5
cvss3_vuldb_basescore	3.5	3.5	3.5
cvss3_vuldb_tempscore	3.4	3.4	3.4
cvss3_meta_basescore	3.5	3.5	4.4
cvss3_meta_tempscore	3.4	3.4	4.3
price_0day	$0-$5k	$0-$5k	$0-$5k
cve_assigned		1693000800 (08/26/2023)	1693000800 (08/26/2023)
cve_nvd_summary		A vulnerability was found in Doc2k RE-Chat 1.0. It has been classified as problematic. This affects an unknown part of the file js_on_radio-emergency.de_/re_chat.js. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The patch is named bd17d497ddd3bab4ef9c6831c747c37cc016c570. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-238155.	A vulnerability was found in Doc2k RE-Chat 1.0. It has been classified as problematic. This affects an unknown part of the file js_on_radio-emergency.de_/re_chat.js. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The patch is named bd17d497ddd3bab4ef9c6831c747c37cc016c570. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-238155.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			R
cvss3_nvd_s			C
cvss3_nvd_c			L
cvss3_nvd_i			L
cvss3_nvd_a			N
cvss2_nvd_av			N
cvss2_nvd_ac			L
cvss2_nvd_au			S
cvss2_nvd_ci			N
cvss2_nvd_ii			P
cvss2_nvd_ai			N
cvss3_cna_av			N
cvss3_cna_ac			L
cvss3_cna_pr			L
cvss3_cna_ui			R
cvss3_cna_s			U
cvss3_cna_c			N
cvss3_cna_i			L
cvss3_cna_a			N
cve_cna			VulDB
cvss2_nvd_basescore			4.0
cvss3_nvd_basescore			6.1
cvss3_cna_basescore			3.5

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!