Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-1262

Опубликовано: 03 мар. 2012
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:movabletype:movable_type_open_source:*:*:*:*:*:*:*:*
Версия до 4.37 (включая)
cpe:2.3:a:movabletype:movable_type_open_source:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.0:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.2:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.2:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.33:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.051:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:movabletype:movable_type_enterprise:*:*:*:*:*:*:*:*
Версия до 4.37 (включая)
cpe:2.3:a:movabletype:movable_type_enterprise:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.0:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.2:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.2:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.33:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.051:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:movabletype:movable_type_advanced:*:*:*:*:*:*:*:*
Версия до 4.37 (включая)
cpe:2.3:a:movabletype:movable_type_advanced:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.0:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.2:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.2:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.33:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.051:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:movabletype:movable_type_pro:*:*:*:*:*:*:*:*
Версия до 4.37 (включая)
cpe:2.3:a:movabletype:movable_type_pro:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.0:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.2:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.2:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.33:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.051:*:*:*:*:*:*:*

EPSS

Процентиль: 74%
0.00849
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2012-1262

ubuntu
почти 14 лет назад

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.

debian логотип

CVE-2012-1262

debian
почти 14 лет назад

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi i ...

github логотип

GHSA-v3r2-wwq7-q6h3

github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.

EPSS

Процентиль: 74%
0.00849
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79
Уязвимость CVE-2012-1262