CVE-2012-4000

Опубликовано: 12 июл. 2012

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the print_textinputs_var function in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor 2.6.7 and earlier allows remote attackers to inject arbitrary web script or HTML via textinputs array parameters.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ckeditor:fckeditor:*:*:*:*:*:*:*:*

Версия до 2.6.7 (включая)

cpe:2.3:a:ckeditor:fckeditor:0.8:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:0.8.5:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:0.9.0:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:0.9.1:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:0.9.2:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:0.9.3:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:0.9.4:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:0.9.5:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.0:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.0:fc:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.1:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.2:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.3:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.4:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.5:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:1.6:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.0:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.0:beta1:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.0:beta2:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.0:fc:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.0:rc1:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.0:rc2:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.0:rc3:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.1:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.2:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.3:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.3:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.4:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.4.1:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.4.2:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.4.3:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.5:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.5:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.6:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.6:rc:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.6.1:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.6.2:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.6.3:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.6.3:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.6.4:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.6.4:beta:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.6.4.1:*:*:*:*:*:*:*

cpe:2.3:a:ckeditor:fckeditor:2.6.5:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04195

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2012-4000

ubuntu

около 13 лет назад

CVE-2012-4000

debian

около 13 лет назад

Cross-site scripting (XSS) vulnerability in the print_textinputs_var f ...

GHSA-8c32-34gf-q623

github

около 3 лет назад

BDU:2015-01991

fstec

около 13 лет назад

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить целостность защищаемой информации

EPSS

Процентиль: 88%

0.04195

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79