CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-0459

Cross-site scripting (XSS) vulnerability in Cyber-Ark Password Vault Web Access (PVWA) 5.0 and earlier, 5.5 through 5.5 patch 4, and 6.0 through 6.0 patch 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.9%

CVSS Severity

CVSS v2 Score 4.3

References

http://jvn.jp/en/jp/JVN11424086/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000023
http://secunia.com/advisories/44058
http://www.securityfocus.com/bid/47271
http://jvn.jp/en/jp/JVN11424086/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000023
http://secunia.com/advisories/44058
http://www.securityfocus.com/bid/47271

Products affected by CVE-2011-0459

Cyber-Ark » Password Vault Web Access » Version: Any

cpe:2.3:a:cyber-ark:password_vault_web_access:*
Cyber-Ark » Password Vault Web Access » Version: 4.0

cpe:2.3:a:cyber-ark:password_vault_web_access:4.0
Cyber-Ark » Password Vault Web Access » Version: 5.5

cpe:2.3:a:cyber-ark:password_vault_web_access:5.5
Cyber-Ark » Password Vault Web Access » Version: 6.0

cpe:2.3:a:cyber-ark:password_vault_web_access:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-0459

Products

Pricing

Contact Us