Search
Find a vulnerability
Search criteria
14 vulnerabilities by xiuno
CVE-2020-19914 (GCVE-0-2020-19914)
Vulnerability from nvd – Published: 2022-09-07 21:14 – Updated: 2024-08-04 14:15
VLAI
Summary
Cross Site Scripting (XSS) in xiunobbs 4.0.4 allows remote attackers to execute arbitrary web script or HTML via the attachment upload function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://kevinoclam.github.io/blog/2019/07/31/xiun… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:15:28.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kevinoclam.github.io/blog/2019/07/31/xiunobbs-upload/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) in xiunobbs 4.0.4 allows remote attackers to execute arbitrary web script or HTML via the attachment upload function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T21:14:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kevinoclam.github.io/blog/2019/07/31/xiunobbs-upload/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-19914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS) in xiunobbs 4.0.4 allows remote attackers to execute arbitrary web script or HTML via the attachment upload function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kevinoclam.github.io/blog/2019/07/31/xiunobbs-upload/",
"refsource": "MISC",
"url": "https://kevinoclam.github.io/blog/2019/07/31/xiunobbs-upload/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-19914",
"datePublished": "2022-09-07T21:14:42.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:15:28.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-21496 (GCVE-0-2020-21496)
Vulnerability from nvd – Published: 2021-10-04 21:00 – Updated: 2024-08-04 14:30
VLAI
Summary
A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/wanghaiwei/xiuno-docker/issues/5 | x_refsource_MISC |
| https://gitee.com/xiuno/xiunobbs/issues/I16BI3 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:30:32.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-04T21:00:37.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-21496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wanghaiwei/xiuno-docker/issues/5",
"refsource": "MISC",
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"name": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3",
"refsource": "MISC",
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-21496",
"datePublished": "2021-10-04T21:00:37.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:30:32.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-21495 (GCVE-0-2020-21495)
Vulnerability from nvd – Published: 2021-10-04 21:00 – Updated: 2024-08-04 14:30
VLAI
Summary
A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/wanghaiwei/xiuno-docker/issues/5 | x_refsource_MISC |
| https://gitee.com/xiuno/xiunobbs/issues/I16BI3 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:30:32.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-04T21:00:36.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-21495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wanghaiwei/xiuno-docker/issues/5",
"refsource": "MISC",
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"name": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3",
"refsource": "MISC",
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-21495",
"datePublished": "2021-10-04T21:00:36.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:30:32.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-21494 (GCVE-0-2020-21494)
Vulnerability from nvd – Published: 2021-10-04 21:00 – Updated: 2024-08-04 14:30
VLAI
Summary
A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://gitee.com/xiuno/xiunobbs/issues/I16BHH | x_refsource_MISC |
| https://github.com/wanghaiwei/xiuno-docker/issues/4 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:30:33.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BHH"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the component install\\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-04T21:00:36.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BHH"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-21494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting (XSS) vulnerability in the component install\\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitee.com/xiuno/xiunobbs/issues/I16BHH",
"refsource": "MISC",
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BHH"
},
{
"name": "https://github.com/wanghaiwei/xiuno-docker/issues/4",
"refsource": "MISC",
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-21494",
"datePublished": "2021-10-04T21:00:36.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:30:33.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-21493 (GCVE-0-2020-21493)
Vulnerability from nvd – Published: 2021-10-04 21:00 – Updated: 2024-08-04 14:30
VLAI
Summary
An issue in the component route\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/wanghaiwei/xiuno-docker/issues/3 | x_refsource_MISC |
| https://gitee.com/xiuno/xiunobbs/issues/I1690W | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:30:33.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I1690W"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in the component route\\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-04T21:00:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I1690W"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-21493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue in the component route\\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wanghaiwei/xiuno-docker/issues/3",
"refsource": "MISC",
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/3"
},
{
"name": "https://gitee.com/xiuno/xiunobbs/issues/I1690W",
"refsource": "MISC",
"url": "https://gitee.com/xiuno/xiunobbs/issues/I1690W"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-21493",
"datePublished": "2021-10-04T21:00:35.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:30:33.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19998 (GCVE-0-2019-19998)
Vulnerability from nvd – Published: 2019-12-26 03:37 – Updated: 2024-08-05 02:32
VLAI
Summary
Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://gitee.com/xiuno/xiunobbs/issues/I177MY | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:32:10.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I177MY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-26T03:37:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I177MY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitee.com/xiuno/xiunobbs/issues/I177MY",
"refsource": "MISC",
"url": "https://gitee.com/xiuno/xiunobbs/issues/I177MY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19998",
"datePublished": "2019-12-26T03:37:44.000Z",
"dateReserved": "2019-12-26T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:32:10.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15559 (GCVE-0-2018-15559)
Vulnerability from nvd – Published: 2018-08-20 00:00 – Updated: 2024-08-05 09:54
VLAI
Summary
The editor in Xiuno BBS 4.0.4 allows stored XSS.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://bbs.xiuno.com/thread-148095.htm | x_refsource_MISC |
Date Public
2018-08-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:03.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bbs.xiuno.com/thread-148095.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The editor in Xiuno BBS 4.0.4 allows stored XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-20T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bbs.xiuno.com/thread-148095.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15559",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The editor in Xiuno BBS 4.0.4 allows stored XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bbs.xiuno.com/thread-148095.htm",
"refsource": "MISC",
"url": "https://bbs.xiuno.com/thread-148095.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15559",
"datePublished": "2018-08-20T00:00:00.000Z",
"dateReserved": "2018-08-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:03.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-19914 (GCVE-0-2020-19914)
Vulnerability from cvelistv5 – Published: 2022-09-07 21:14 – Updated: 2024-08-04 14:15
VLAI
Summary
Cross Site Scripting (XSS) in xiunobbs 4.0.4 allows remote attackers to execute arbitrary web script or HTML via the attachment upload function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://kevinoclam.github.io/blog/2019/07/31/xiun… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:15:28.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kevinoclam.github.io/blog/2019/07/31/xiunobbs-upload/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) in xiunobbs 4.0.4 allows remote attackers to execute arbitrary web script or HTML via the attachment upload function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T21:14:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kevinoclam.github.io/blog/2019/07/31/xiunobbs-upload/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-19914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS) in xiunobbs 4.0.4 allows remote attackers to execute arbitrary web script or HTML via the attachment upload function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kevinoclam.github.io/blog/2019/07/31/xiunobbs-upload/",
"refsource": "MISC",
"url": "https://kevinoclam.github.io/blog/2019/07/31/xiunobbs-upload/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-19914",
"datePublished": "2022-09-07T21:14:42.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:15:28.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-21496 (GCVE-0-2020-21496)
Vulnerability from cvelistv5 – Published: 2021-10-04 21:00 – Updated: 2024-08-04 14:30
VLAI
Summary
A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/wanghaiwei/xiuno-docker/issues/5 | x_refsource_MISC |
| https://gitee.com/xiuno/xiunobbs/issues/I16BI3 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:30:32.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-04T21:00:37.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-21496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wanghaiwei/xiuno-docker/issues/5",
"refsource": "MISC",
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"name": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3",
"refsource": "MISC",
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-21496",
"datePublished": "2021-10-04T21:00:37.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:30:32.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-21494 (GCVE-0-2020-21494)
Vulnerability from cvelistv5 – Published: 2021-10-04 21:00 – Updated: 2024-08-04 14:30
VLAI
Summary
A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://gitee.com/xiuno/xiunobbs/issues/I16BHH | x_refsource_MISC |
| https://github.com/wanghaiwei/xiuno-docker/issues/4 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:30:33.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BHH"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the component install\\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-04T21:00:36.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BHH"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-21494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting (XSS) vulnerability in the component install\\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitee.com/xiuno/xiunobbs/issues/I16BHH",
"refsource": "MISC",
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BHH"
},
{
"name": "https://github.com/wanghaiwei/xiuno-docker/issues/4",
"refsource": "MISC",
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-21494",
"datePublished": "2021-10-04T21:00:36.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:30:33.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-21495 (GCVE-0-2020-21495)
Vulnerability from cvelistv5 – Published: 2021-10-04 21:00 – Updated: 2024-08-04 14:30
VLAI
Summary
A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/wanghaiwei/xiuno-docker/issues/5 | x_refsource_MISC |
| https://gitee.com/xiuno/xiunobbs/issues/I16BI3 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:30:32.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-04T21:00:36.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-21495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitename parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wanghaiwei/xiuno-docker/issues/5",
"refsource": "MISC",
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/5"
},
{
"name": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3",
"refsource": "MISC",
"url": "https://gitee.com/xiuno/xiunobbs/issues/I16BI3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-21495",
"datePublished": "2021-10-04T21:00:36.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:30:32.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-21493 (GCVE-0-2020-21493)
Vulnerability from cvelistv5 – Published: 2021-10-04 21:00 – Updated: 2024-08-04 14:30
VLAI
Summary
An issue in the component route\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/wanghaiwei/xiuno-docker/issues/3 | x_refsource_MISC |
| https://gitee.com/xiuno/xiunobbs/issues/I1690W | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:30:33.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I1690W"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in the component route\\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-04T21:00:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I1690W"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-21493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue in the component route\\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wanghaiwei/xiuno-docker/issues/3",
"refsource": "MISC",
"url": "https://github.com/wanghaiwei/xiuno-docker/issues/3"
},
{
"name": "https://gitee.com/xiuno/xiunobbs/issues/I1690W",
"refsource": "MISC",
"url": "https://gitee.com/xiuno/xiunobbs/issues/I1690W"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-21493",
"datePublished": "2021-10-04T21:00:35.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T14:30:33.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19998 (GCVE-0-2019-19998)
Vulnerability from cvelistv5 – Published: 2019-12-26 03:37 – Updated: 2024-08-05 02:32
VLAI
Summary
Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://gitee.com/xiuno/xiunobbs/issues/I177MY | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:32:10.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I177MY"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-26T03:37:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gitee.com/xiuno/xiunobbs/issues/I177MY"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitee.com/xiuno/xiunobbs/issues/I177MY",
"refsource": "MISC",
"url": "https://gitee.com/xiuno/xiunobbs/issues/I177MY"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19998",
"datePublished": "2019-12-26T03:37:44.000Z",
"dateReserved": "2019-12-26T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:32:10.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15559 (GCVE-0-2018-15559)
Vulnerability from cvelistv5 – Published: 2018-08-20 00:00 – Updated: 2024-08-05 09:54
VLAI
Summary
The editor in Xiuno BBS 4.0.4 allows stored XSS.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://bbs.xiuno.com/thread-148095.htm | x_refsource_MISC |
Date Public
2018-08-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:03.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bbs.xiuno.com/thread-148095.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The editor in Xiuno BBS 4.0.4 allows stored XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-20T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bbs.xiuno.com/thread-148095.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15559",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The editor in Xiuno BBS 4.0.4 allows stored XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bbs.xiuno.com/thread-148095.htm",
"refsource": "MISC",
"url": "https://bbs.xiuno.com/thread-148095.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15559",
"datePublished": "2018-08-20T00:00:00.000Z",
"dateReserved": "2018-08-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:03.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}