Strix
26.1K

CVE-2011-2510

UnknownEPSS 1.75%

Last modified

CVE-2011-2510 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link.. EPSS estimates a 1.75% chance of exploitation in the next 30 days.

Description

Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link.

Metrics

EPSS Probability
1.75%

74.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
DokuwikiDokuwiki<= 2010-11-07a
DokuwikiDokuwiki2005-07-01
DokuwikiDokuwiki2005-07-13
DokuwikiDokuwiki2005-09-19
DokuwikiDokuwiki2005-09-22
DokuwikiDokuwiki2006-03-05
DokuwikiDokuwiki2006-03-09
DokuwikiDokuwiki2006-11-06
DokuwikiDokuwiki2007-06-26
DokuwikiDokuwiki2008-05-05
DokuwikiDokuwiki2009-02-14b
DokuwikiDokuwiki2009-12-25c

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2011-2510?
Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link.
How severe is CVE-2011-2510?
Severity scoring for CVE-2011-2510 is pending analysis. The EPSS model estimates a 1.75% probability of exploitation in the next 30 days.
How do I fix CVE-2011-2510?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-2510?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST