CVE-2012-2404

Опубликовано: 21 апр. 2012

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия до 3.3.1 (включая)

cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.2.5:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.2.5:a:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.0.11:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.5:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.5.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.6:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.6.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.6.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.6.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.6.5:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.7:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.7.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.8:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.8.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.8.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.8.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.8.4:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.8.4:a:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.8.5:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.8.5.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.8.5.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.8.6:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.9:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.9.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.9.1.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:2.9.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.0:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.0.4:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.0.6:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.1.3:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:wordpress:3.3:*:*:*:*:*:*:*

EPSS

Процентиль: 84%

0.02382

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2012-2404

ubuntu

больше 13 лет назад

wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

CVE-2012-2404

debian

больше 13 лет назад

wp-comments-post.php in WordPress before 3.3.2 supports offsite redire ...

GHSA-grx2-xpgf-hf3r

github

около 3 лет назад

wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

EPSS

Процентиль: 84%

0.02382

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79