Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2012-1262

Опубликовано: 03 мар. 2012
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3

Описание

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [5.1.4+dfsg-1]]
hardy

DNE

lucid

ignored

end of life
maverick

ignored

end of life
natty

ignored

end of life
oneiric

ignored

end of life
precise

ignored

end of life
precise/esm

DNE

precise was needed
quantal

not-affected

5.1.4+dfsg-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 74%
0.00849
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2012-1262

nvd
почти 14 лет назад

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.

debian логотип

CVE-2012-1262

debian
почти 14 лет назад

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi i ...

github логотип

GHSA-v3r2-wwq7-q6h3

github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.

EPSS

Процентиль: 74%
0.00849
Низкий

4.3 Medium

CVSS2