{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T16:04:31.929","vulnerabilities":[{"cve":{"id":"CVE-2010-3447","sourceIdentifier":"secalert@redhat.com","published":"2011-04-04T12:27:36.187","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a view_file action."},{"lang":"es","value":"Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en view.php en el visor de archivos en Horda Gollem antes de v1.1.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML mediante el parámetro de archivo en una acción view_file."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:*:*:*:*:*:*:*:*","versionEndIncluding":"1.1.1","matchCriteriaId":"25126D4F-6975-4367-BDFD-C3F86006B624"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.0:*:*:*:*:*:*:*","matchCriteriaId":"A4E0E674-5CA7-4E8E-8F09-27DE07163FDE"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.0:alpha:*:*:*:*:*:*","matchCriteriaId":"0899ECCC-53EA-4E92-A594-3F794686BEFD"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.0:beta:*:*:*:*:*:*","matchCriteriaId":"E9456DF5-F5A8-4C7F-996E-92460D92186D"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.0:rc1:*:*:*:*:*:*","matchCriteriaId":"4F97B4D7-857D-4069-9C53-7FB8608023D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.0:rc2:*:*:*:*:*:*","matchCriteriaId":"2B98920D-0D45-4F2B-B831-2F9EEA40FF69"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.0.1:*:*:*:*:*:*:*","matchCriteriaId":"D6AA3B89-CD83-48FB-BD7D-C64FBF343FC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.0.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B3EFA3DB-2ED5-4943-8A90-3E32F138CD07"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.0.2:*:*:*:*:*:*:*","matchCriteriaId":"432CED74-A45B-48C9-8B6F-CD47C199C0F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.0.2:rc1:*:*:*:*:*:*","matchCriteriaId":"F659E87A-C13C-42DD-B879-C816F8B5934B"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.0.3:*:*:*:*:*:*:*","matchCriteriaId":"75CC2297-8F92-4A52-9B4C-676180BD2EA3"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.0.4:*:*:*:*:*:*:*","matchCriteriaId":"C85F9C7B-05EC-45E2-B3EA-95203DE39123"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.1:*:*:*:*:*:*:*","matchCriteriaId":"15C21375-373D-4EA4-AE2F-10F5074A752B"},{"vulnerable":true,"criteria":"cpe:2.3:a:horde:gollem:1.1:rc1:*:*:*:*:*:*","matchCriteriaId":"D6E0BBC8-E171-4B0C-9423-7556DDB84A07"}]}]}],"references":[{"url":"http://bugs.horde.org/ticket/9191","source":"secalert@redhat.com","tags":["Exploit","Patch"]},{"url":"http://git.horde.org/diff.php/gollem/view.php?rt=horde&r1=1.51.2.6&r2=1.51.2.7&ty=u","source":"secalert@redhat.com","tags":["Patch"]},{"url":"http://git.horde.org/diff.php/gollem/view.php?rt=horde-git&r1=7f7a4300f16b429ed645bc3e2af2cedffc70ce3e&r2=025a1bfbe69622036f8e3a27a6edd39c02dcd4ea","source":"secalert@redhat.com","tags":["Patch"]},{"url":"http://lists.horde.org/archives/announce/2010/000565.html","source":"secalert@redhat.com","tags":["Patch"]},{"url":"http://lists.horde.org/archives/commits/2010-August/004747.html","source":"secalert@redhat.com","tags":["Patch"]},{"url":"http://openwall.com/lists/oss-security/2010/09/29/11","source":"secalert@redhat.com","tags":["Exploit","Patch"]},{"url":"http://openwall.com/lists/oss-security/2010/09/30/5","source":"secalert@redhat.com","tags":["Exploit","Patch"]},{"url":"http://openwall.com/lists/oss-security/2010/09/30/7","source":"secalert@redhat.com","tags":["Exploit","Patch"]},{"url":"http://openwall.com/lists/oss-security/2010/09/30/8","source":"secalert@redhat.com","tags":["Patch"]},{"url":"http://secunia.com/advisories/41624","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"http://www.osvdb.org/68262","source":"secalert@redhat.com"},{"url":"http://www.vupen.com/english/advisories/2010/2523","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/62091","source":"secalert@redhat.com"},{"url":"http://bugs.horde.org/ticket/9191","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"http://git.horde.org/diff.php/gollem/view.php?rt=horde&r1=1.51.2.6&r2=1.51.2.7&ty=u","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://git.horde.org/diff.php/gollem/view.php?rt=horde-git&r1=7f7a4300f16b429ed645bc3e2af2cedffc70ce3e&r2=025a1bfbe69622036f8e3a27a6edd39c02dcd4ea","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://lists.horde.org/archives/announce/2010/000565.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://lists.horde.org/archives/commits/2010-August/004747.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://openwall.com/lists/oss-security/2010/09/29/11","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"http://openwall.com/lists/oss-security/2010/09/30/5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"http://openwall.com/lists/oss-security/2010/09/30/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"http://openwall.com/lists/oss-security/2010/09/30/8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://secunia.com/advisories/41624","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.osvdb.org/68262","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2010/2523","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/62091","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}