Vulnerability Database

296,746

Total vulnerabilities in the database

CVE-2011-4647

Multiple cross-site scripting (XSS) vulnerabilities in the story creation feature in Geeklog 1.8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) code or (2) raw BBcode tags.

Published: Nov 30, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-4647
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
geeklog / geeklog	1.8.0	1.8.0.x

http://osvdb.org/76297
http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/fd3ca3aebf86
http://project.geeklog.net/tracking/view.php?id=1368
http://secunia.com/advisories/46348/
http://www.geeklog.net/article.php/geeklog-1.8.1

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo