Lucene search

K

MitreCVELIST:CVE-2012-1262

HistoryMar 03, 2012 - 2:00 a.m.

CVE-2012-1262

2012-03-0302:00:00

mitre

www.cve.org

AI Score

5.4

Confidence

High

EPSS

0.005

Percentile

76.4%

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.

References

jvn.jp/en/jp/JVN49836527/index.html

jvndb.jvn.jp/jvndb/JVNDB-2012-000016

osvdb.org/79470

packetstormsecurity.org/files/110203/Movable-Type-Publishing-Platform-Cross-Site-Scripting.html

seclists.org/fulldisclosure/2012/Feb/407

www.debian.org/security/2012/dsa-2423

www.movabletype.org/2012/02/movable_type_513_507_and_438_security_updates.html

www.movabletype.org/documentation/appendices/release-notes/513.html

www.securityfocus.com/bid/52138

www.securitytracker.com/id?1026738

exchange.xforce.ibmcloud.com/vulnerabilities/73411

exchange.xforce.ibmcloud.com/vulnerabilities/73480

www.trustwave.com/spiderlabs/advisories/TWSL2012-003.txt

AI Score

5.4

Confidence

High

EPSS

0.005

Percentile

76.4%

Related for CVELIST:CVE-2012-1262

ubuntucve2 prion2 nvd2 cve2 cvelist1 packetstorm1 jvn1 nessus1 openvas2 securityvulns1