VAR-201511-0054
Vulnerability from variot - Updated: 2025-04-13 23:18Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to inject arbitrary web script or HTML via the pwd parameter. Multiple models of ARRIS cable modems contain multiple, deterministically generated backdoor passwords, as well as multiple cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities. Arris DG860A, TG862A and TG862G are modem products of the American Arris Group. A cross-site scripting vulnerability 2. A cross-site request-forgery vulnerability 3. Multiple security-bypass vulnerabilities An attacker can exploit these issues to bypass security restrictions and perform unauthorized actions, execute attacker-supplied HTML or JavaScript code in the context of the affected site or to steal cookie-based authentication credentials. This may aid in further attacks. The following products and versions are affected: Arris DG860A, TG862A, TG862G using firmware versions TS0703128_100611 to TS0705125D_031115
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201511-0054",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "na model 862 gw mono",
"scope": "eq",
"trust": 1.6,
"vendor": "arris",
"version": "ts0703135_112211"
},
{
"model": "na model 862 gw mono",
"scope": "eq",
"trust": 1.6,
"vendor": "arris",
"version": "ts0705125d_031115"
},
{
"model": "na model 862 gw mono",
"scope": "eq",
"trust": 1.6,
"vendor": "arris",
"version": "ts070593c_073013"
},
{
"model": "na model 862 gw mono",
"scope": "eq",
"trust": 1.6,
"vendor": "arris",
"version": "ts0705125_062314"
},
{
"model": "na model 862 gw mono",
"scope": "eq",
"trust": 1.6,
"vendor": "arris",
"version": "ts0703128_100611"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arris",
"version": null
},
{
"model": "dg860a",
"scope": null,
"trust": 0.8,
"vendor": "arris group",
"version": null
},
{
"model": "na.model 862.gw.mono",
"scope": "eq",
"trust": 0.8,
"vendor": "arris group",
"version": "ts0703128_100611 to ts0705125d_031115"
},
{
"model": "tg862a",
"scope": null,
"trust": 0.8,
"vendor": "arris group",
"version": null
},
{
"model": "tg862g",
"scope": null,
"trust": 0.8,
"vendor": "arris group",
"version": null
},
{
"model": "dg860a ts0703128 100611 to ts0705125d 031115",
"scope": null,
"trust": 0.6,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts0703128 100611 to ts0705125d 031115",
"scope": null,
"trust": 0.6,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts0703128 100611 to ts0705125d 031115",
"scope": null,
"trust": 0.6,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts070593c 073013 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts0705125d 031115 na",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts0705125 062314 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts0703135 112211 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862g ts0703128 100611 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts070593c 073013 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts0705125d 031115 na",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts0705125 062314 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts0703135 112211 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "tg862a ts0703128 100611 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "dg860a ts070593c 073013 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "dg860a ts0705125d 031115 na",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "dg860a ts0705125 062314 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "dg860a ts0703135 112211 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
},
{
"model": "dg860a ts0703128 100611 na.",
"scope": null,
"trust": 0.3,
"vendor": "arris",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#419568"
},
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "BID",
"id": "77674"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:arris:dg860a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:arris:na_model_862_gw_mono_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:arris:tg862a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:arris:tg862g",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bernardo Rodrigues",
"sources": [
{
"db": "BID",
"id": "77674"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7290",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7290",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-07831",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-85251",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7290",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7290",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07831",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-383",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85251",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "VULHUB",
"id": "VHN-85251"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to inject arbitrary web script or HTML via the pwd parameter. Multiple models of ARRIS cable modems contain multiple, deterministically generated backdoor passwords, as well as multiple cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities. Arris DG860A, TG862A and TG862G are modem products of the American Arris Group. A cross-site scripting vulnerability\n2. A cross-site request-forgery vulnerability\n3. Multiple security-bypass vulnerabilities\nAn attacker can exploit these issues to bypass security restrictions and perform unauthorized actions, execute attacker-supplied HTML or JavaScript code in the context of the affected site or to steal cookie-based authentication credentials. This may aid in further attacks. The following products and versions are affected: Arris DG860A, TG862A, TG862G using firmware versions TS0703128_100611 to TS0705125D_031115",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7290"
},
{
"db": "CERT/CC",
"id": "VU#419568"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "BID",
"id": "77674"
},
{
"db": "VULHUB",
"id": "VHN-85251"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#419568",
"trust": 4.2
},
{
"db": "NVD",
"id": "CVE-2015-7290",
"trust": 3.4
},
{
"db": "EXPLOIT-DB",
"id": "29131",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90662356",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-07831",
"trust": 0.6
},
{
"db": "BID",
"id": "77674",
"trust": 0.3
},
{
"db": "SEEBUG",
"id": "SSVID-89955",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-85251",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#419568"
},
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "VULHUB",
"id": "VHN-85251"
},
{
"db": "BID",
"id": "77674"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"id": "VAR-201511-0054",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "VULHUB",
"id": "VHN-85251"
}
],
"trust": 1.4555555666666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07831"
}
]
},
"last_update_date": "2025-04-13T23:18:02.588000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.arris.com/"
},
{
"title": "TG862G/CT",
"trust": 0.8,
"url": "http://arris.force.com/consumers/ConsumerProductDetail?p=a0ha000000GOZ3yAAH\u0026c=Touchstone%20Modems%20and%20Gateways"
},
{
"title": "Patches for multiple Arris device cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/67320"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85251"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.kb.cert.org/vuls/id/419568"
},
{
"trust": 0.8,
"url": "https://w00tsec.blogspot.com/2015/11/arris-cable-modem-has-backdoor-in.html"
},
{
"trust": 0.8,
"url": "https://github.com/borfast/arrispwgen"
},
{
"trust": 0.8,
"url": "https://www.shodan.io/search?query=arris+port%3a%2223%22"
},
{
"trust": 0.8,
"url": "https://www.shodan.io/search?query=ssh-2.0-arris_0.50"
},
{
"trust": 0.8,
"url": "https://www.shodan.io/search?query=net-dk"
},
{
"trust": 0.8,
"url": "http://www.theregister.co.uk/2015/11/20/arris_modem_backdoor/"
},
{
"trust": 0.8,
"url": "http://www.cert.br/docs/palestras/certbr-tcfirst2015.pdf"
},
{
"trust": 0.8,
"url": "https://www.exploit-db.com/exploits/29131/"
},
{
"trust": 0.8,
"url": "http://docsis.org/node/1575"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/255.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/259.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/80.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/352.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7290"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90662356/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7290"
},
{
"trust": 0.3,
"url": "http://www.arrisi.com/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#419568"
},
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "VULHUB",
"id": "VHN-85251"
},
{
"db": "BID",
"id": "77674"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#419568"
},
{
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"db": "VULHUB",
"id": "VHN-85251"
},
{
"db": "BID",
"id": "77674"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-20T00:00:00",
"db": "CERT/CC",
"id": "VU#419568"
},
{
"date": "2015-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"date": "2015-11-21T00:00:00",
"db": "VULHUB",
"id": "VHN-85251"
},
{
"date": "2015-11-20T00:00:00",
"db": "BID",
"id": "77674"
},
{
"date": "2015-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"date": "2015-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"date": "2015-11-21T11:59:18.247000",
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-23T00:00:00",
"db": "CERT/CC",
"id": "VU#419568"
},
{
"date": "2015-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07831"
},
{
"date": "2015-11-23T00:00:00",
"db": "VULHUB",
"id": "VHN-85251"
},
{
"date": "2015-11-20T00:00:00",
"db": "BID",
"id": "77674"
},
{
"date": "2015-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006008"
},
{
"date": "2015-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-383"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-7290"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ARRIS cable modems generate passwords deterministically and contain XSS and CSRF vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#419568"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-383"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…