Lucene search
HistoryNov 24, 2012 - 8:55 p.m.
CVE-2012-2247
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
7.6
Confidence
High
EPSS
0.002
Percentile
56.9%
Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to artefact/file/ and a crafted SVG file.
Affected configurations
Node
maharamaharaMatch1.4rc1
ORmaharamaharaMatch1.4rc2
ORmaharamaharaMatch1.4rc3
ORmaharamaharaMatch1.4rc4
ORmaharamaharaMatch1.4.0
ORmaharamaharaMatch1.4.1
ORmaharamaharaMatch1.4.2
ORmaharamaharaMatch1.4.3
ORmaharamaharaMatch1.4.4
Node
maharamaharaMatch1.5rc1
ORmaharamaharaMatch1.5rc2
ORmaharamaharaMatch1.5.0
ORmaharamaharaMatch1.5.1
ORmaharamaharaMatch1.5.2
ORmaharamaharaMatch1.5.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mahara | mahara | 1.4 | cpe:2.3:a:mahara:mahara:1.4:rc1:*:*:*:*:*:* |
| mahara | mahara | 1.4 | cpe:2.3:a:mahara:mahara:1.4:rc2:*:*:*:*:*:* |
| mahara | mahara | 1.4 | cpe:2.3:a:mahara:mahara:1.4:rc3:*:*:*:*:*:* |
| mahara | mahara | 1.4 | cpe:2.3:a:mahara:mahara:1.4:rc4:*:*:*:*:*:* |
| mahara | mahara | 1.4.0 | cpe:2.3:a:mahara:mahara:1.4.0:*:*:*:*:*:*:* |
| mahara | mahara | 1.4.1 | cpe:2.3:a:mahara:mahara:1.4.1:*:*:*:*:*:*:* |
| mahara | mahara | 1.4.2 | cpe:2.3:a:mahara:mahara:1.4.2:*:*:*:*:*:*:* |
| mahara | mahara | 1.4.3 | cpe:2.3:a:mahara:mahara:1.4.3:*:*:*:*:*:*:* |
| mahara | mahara | 1.4.4 | cpe:2.3:a:mahara:mahara:1.4.4:*:*:*:*:*:*:* |
| mahara | mahara | 1.5 | cpe:2.3:a:mahara:mahara:1.5:rc1:*:*:*:*:*:* |
Related
cve
cve
CVE-2012-2247
2012-11-24 20:55:02
cvelist
cvelist
CVE-2012-2247
2012-11-24 20:00:00
prion
prion
Cross site scripting
2012-11-24 20:55:00
ubuntucve
ubuntucve
CVE-2012-2247
2012-11-24 00:00:00
openvas
openvas
Debian Security Advisory DSA 2591-1 (mahara - several vulnerabilities)
2013-09-18 00:00:00
Debian: Security Advisory (DSA-2591-1)
2013-09-18 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2591-1] mahara security update
2013-01-02 00:00:00
nessus
nessus
Debian DSA-2591-1 : mahara - several vulnerabilities
2012-12-28 00:00:00
debian
debian
[SECURITY] [DSA 2591-1] mahara security update
2012-12-28 01:08:41
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
7.6
Confidence
High
EPSS
0.002
Percentile
56.9%
Related for NVD:CVE-2012-2247