Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2012-3414

Опубликовано: 19 июл. 2013
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.3

Описание

Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function.

РелизСтатусПримечание
devel

not-affected

2.2.0.1+ds1-2
hardy

DNE

lucid

DNE

natty

DNE

oneiric

DNE

precise

DNE

upstream

released

2.2.0.1+ds1-2

Показывать по

Ссылки на источники

EPSS

Процентиль: 88%
0.04335
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2012-3414

nvd
почти 12 лет назад

Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function.

debian логотип

CVE-2012-3414

debian
почти 12 лет назад

Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload ...

github логотип

GHSA-89mv-5c9h-c8f7

github
около 3 лет назад

Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function.

EPSS

Процентиль: 88%
0.04335
Низкий

4.3 Medium

CVSS2