Unrated severityNVD Advisory· Published Sep 2, 2011· Updated Apr 29, 2026

CVE-2011-3385

Description

Cross-site scripting (XSS) vulnerability in WebsiteBaker before 2.8, as used in LEPTON and possibly other products, allows remote attackers to inject arbitrary web script or HTML via unknown vectors, a different vulnerability than CVE-2006-2307.

Affected products

Lepton Cms/Lepton
cpe:2.3:a:lepton-cms:lepton:*:*:*:*:*:*:*:*
Website Baker/Websitebaker2 versions
cpe:2.3:a:websitebaker2:websitebaker:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:websitebaker2:websitebaker:*:*:*:*:*:*:*:*range: <=2.7
- cpe:2.3:a:websitebaker2:websitebaker:2.6.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/jp/JVN02134508/index.htmlnvd
jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000067.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000