CVE-2011-5258

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.6.11.2 allow remote attackers to inject arbitrary web script or HTML via the (1) uniqcode or (2) isAdmin parameter to index.php; or the (3) PATH_INFO to lib/controllers/centralcontroller.php.

🔗 References (16)

cve@mitrehttp://blog.orangehrm.com/2011/12/09/security-vulnerabilities-fixed-with-orangehrm-26112/
cve@mitrehttp://osvdb.org/show/osvdb/77416
cve@mitrehttp://osvdb.org/show/osvdb/77417
cve@mitrehttp://secunia.com/advisories/47014
cve@mitrehttp://www.securityfocus.com/archive/1/520684/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/50857
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/71568
cve@mitrehttps://www.htbridge.ch/advisory/multiple_vulnerabilities_in_orangehrm.html
af854a3a-2127-422b-91ae-364da2661108http://blog.orangehrm.com/2011/12/09/security-vulnerabilities-fixed-with-orangehrm-26112/
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/show/osvdb/77416
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/show/osvdb/77417
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/47014
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/520684/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/50857
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/71568

Is Your Infrastructure Affected by CVE-2011-5258?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2011-5258

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2011-5258?