{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T10:07:21.441","vulnerabilities":[{"cve":{"id":"CVE-2014-8658","sourceIdentifier":"cve@mitre.org","published":"2014-11-06T15:55:11.350","lastModified":"2025-04-12T10:46:40.837","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in RefinedWiki Original Theme 3.x before 3.5.13 and 4.x before 4.0.12 for Confluence allows remote authenticated users with permissions to create or edit content to inject arbitrary web script or HTML via the versionComment parameter to pages/doeditpage.action."},{"lang":"es","value":"Vulnerabilidad de XSS en RefinedWiki Original Theme 3.x anterior a 3.5.13 y 4.x anterior a 4.0.12 para Confluence permite a usuarios remotos autenticados con permisos para crear o editar contenido inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro versionComment en pages/doeditpage.action."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5:*:*:*:*:confluence:*:*","matchCriteriaId":"70B90D75-0231-45A2-A87D-4B4941CB5400"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.1:*:*:*:*:confluence:*:*","matchCriteriaId":"574F33B9-AB1B-445B-ADCD-66D8E5039E24"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.2:*:*:*:*:confluence:*:*","matchCriteriaId":"FCE7779B-21E0-4BF4-B4EA-203F6AE26478"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.3:*:*:*:*:confluence:*:*","matchCriteriaId":"C7D3D25F-D512-409F-8A85-272285A79423"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.4:*:*:*:*:confluence:*:*","matchCriteriaId":"9F9ACCB2-8FE0-4824-9B4D-48CE91E9BD53"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.5:*:*:*:*:confluence:*:*","matchCriteriaId":"6119640D-0B18-4B4B-9316-A782471916C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.6:*:*:*:*:confluence:*:*","matchCriteriaId":"FEEB750F-35FF-4BC0-9203-4BA1E732FC16"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.7:*:*:*:*:confluence:*:*","matchCriteriaId":"25E0DD90-C597-4AF6-8FB7-1A54016E2C61"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.8:*:*:*:*:confluence:*:*","matchCriteriaId":"F220881C-B809-49A9-B9F1-0FE3EB64AE2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.9:*:*:*:*:confluence:*:*","matchCriteriaId":"FE394B25-E5A3-4AA5-B299-697D62165A08"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.10:*:*:*:*:confluence:*:*","matchCriteriaId":"52A290B2-86E3-49DC-94D7-10DF22BA3C64"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.11:*:*:*:*:confluence:*:*","matchCriteriaId":"BCB034B0-510D-49CB-A59F-98468AE00F0F"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.12:*:*:*:*:confluence:*:*","matchCriteriaId":"23889179-06A2-4C28-9DD4-15B064FFC397"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:3.5.13:*:*:*:*:confluence:*:*","matchCriteriaId":"5BD19E98-CF8F-4568-9D32-F78B600145B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0:*:*:*:*:confluence:*:*","matchCriteriaId":"77771597-4758-4686-84A4-93002559AC86"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.1:*:*:*:*:confluence:*:*","matchCriteriaId":"702ECEF9-62C5-47B5-8480-197E8508DC27"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.2:*:*:*:*:confluence:*:*","matchCriteriaId":"8AE6CBEA-B5AC-4249-8C29-1CC1F178759D"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.3:*:*:*:*:confluence:*:*","matchCriteriaId":"ADF40189-BF9E-4D03-8702-35309FD8BC1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.4:*:*:*:*:confluence:*:*","matchCriteriaId":"D26ED02D-9679-4D07-BEF4-72CC1D162D04"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.5:*:*:*:*:confluence:*:*","matchCriteriaId":"EF403433-A553-49BB-95A0-D516D0958E7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.6:*:*:*:*:confluence:*:*","matchCriteriaId":"E956C55B-402C-4C32-A775-2DAE927FE7D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.7:*:*:*:*:confluence:*:*","matchCriteriaId":"C25ADD46-836F-400F-86B6-8527F6E5713B"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.8:*:*:*:*:confluence:*:*","matchCriteriaId":"D9EBF426-A3F5-4634-B48F-D0BE52969F2B"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.9:*:*:*:*:confluence:*:*","matchCriteriaId":"66E21CFD-2BA6-4950-A454-52DD56BE4629"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.10:*:*:*:*:confluence:*:*","matchCriteriaId":"B4311F58-A0AF-41D0-ACBE-6990D6EA901D"},{"vulnerable":true,"criteria":"cpe:2.3:a:refinedwiki:refinedwiki_original_theme:4.0.11:*:*:*:*:confluence:*:*","matchCriteriaId":"A04F8A1B-5363-41ED-90A5-A0F6556AFBDE"}]}]}],"references":[{"url":"http://demo.refinedwiki.com/display/rwot/Version+4.0.12","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/128907/Confluence-RefinedWiki-Original-Theme-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://seclists.org/fulldisclosure/2014/Oct/126","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/533845/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/70798","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/98401","source":"cve@mitre.org"},{"url":"https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141029-1_RefinedWiki-OriginalTheme_Persistent-Cross-Site-Scripting_v10.txt","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://demo.refinedwiki.com/display/rwot/Version+4.0.12","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/128907/Confluence-RefinedWiki-Original-Theme-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://seclists.org/fulldisclosure/2014/Oct/126","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/533845/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/70798","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/98401","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141029-1_RefinedWiki-OriginalTheme_Persistent-Cross-Site-Scripting_v10.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}}]}