VIR Vulnerability Intelligence Relay

CVE-2011-3199

low
Published 2014-03-21 ยท Modified 2026-05-06
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
โ€”
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
3.5

Description

Multiple cross-site scripting (XSS) vulnerabilities in Domain Technologie Control (DTC) before 0.34.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) message body of a support ticket or unspecified vectors to the (2) DNS and (3) MX form, as demonstrated by the "Domain root TXT record:" field.

Predictions

Exploit likelihood
20%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Application impact
VendorProductVersionsFixed
gplhostdomain_technologie_control{"endIncluding":"0.32.11"}
gplhostdomain_technologie_control0.24.6
gplhostdomain_technologie_control0.25.1
gplhostdomain_technologie_control0.25.2
gplhostdomain_technologie_control0.25.3
gplhostdomain_technologie_control0.26.7
gplhostdomain_technologie_control0.26.8
gplhostdomain_technologie_control0.26.9
gplhostdomain_technologie_control0.27.3
gplhostdomain_technologie_control0.28.2
gplhostdomain_technologie_control0.28.3
gplhostdomain_technologie_control0.28.4
gplhostdomain_technologie_control0.28.6
gplhostdomain_technologie_control0.28.9
gplhostdomain_technologie_control0.28.10
gplhostdomain_technologie_control0.29.1
gplhostdomain_technologie_control0.29.6
gplhostdomain_technologie_control0.29.8
gplhostdomain_technologie_control0.29.10
gplhostdomain_technologie_control0.29.14
gplhostdomain_technologie_control0.29.15
gplhostdomain_technologie_control0.29.16
gplhostdomain_technologie_control0.29.17
gplhostdomain_technologie_control0.30.6
gplhostdomain_technologie_control0.30.8
gplhostdomain_technologie_control0.30.10
gplhostdomain_technologie_control0.30.18
gplhostdomain_technologie_control0.30.20
gplhostdomain_technologie_control0.32.1
gplhostdomain_technologie_control0.32.2
gplhostdomain_technologie_control0.32.3
gplhostdomain_technologie_control0.32.4
gplhostdomain_technologie_control0.32.5
gplhostdomain_technologie_control0.32.6
gplhostdomain_technologie_control0.32.7

References

CWEs

CWE-79

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.