CVE-2012-0846

Опубликовано: 08 окт. 2012

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the Location variable.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2012-01/0129.html
Exploit
http://sourceforge.net/tracker/?func=detail&aid=3472745&group_id=3870&atid=103870
http://sourceforge.net/tracker/?func=detail&aid=3488543&group_id=3870&atid=303870
http://www.openwall.com/lists/oss-security/2012/02/11/2
http://www.openwall.com/lists/oss-security/2012/02/12/1
http://www.openwall.com/lists/oss-security/2012/02/12/3
http://www.openwall.com/lists/oss-security/2012/02/13/6
http://www.securityfocus.com/bid/51600
https://exchange.xforce.ibmcloud.com/vulnerabilities/72563
http://archives.neohapsis.com/archives/bugtraq/2012-01/0129.html
Exploit
http://sourceforge.net/tracker/?func=detail&aid=3472745&group_id=3870&atid=103870
http://sourceforge.net/tracker/?func=detail&aid=3488543&group_id=3870&atid=303870
http://www.openwall.com/lists/oss-security/2012/02/11/2
http://www.openwall.com/lists/oss-security/2012/02/12/1
http://www.openwall.com/lists/oss-security/2012/02/12/3
http://www.openwall.com/lists/oss-security/2012/02/13/6
http://www.securityfocus.com/bid/51600
https://exchange.xforce.ibmcloud.com/vulnerabilities/72563

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:k5n:webcalendar:1.2.4:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00643

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2012-0846

debian

больше 13 лет назад

Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar ...

GHSA-rr66-pqp9-7m9f

github

больше 3 лет назад