Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-1036
cve-2012-1036
cross-site scripting
xss
telerik
html editor
dotnetnuke
nvd
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
45.8%
Cross-site scripting (XSS) vulnerability in the telerik HTML editor in DotNetNuke before 5.6.4 and 6.x before 6.1.0 allows remote attackers to inject arbitrary web script or HTML via a message.
Affected configurations
Node
dotnetnukedotnetnukeRange≤5.6.3
ORdotnetnukedotnetnukeMatch4.9.0
ORdotnetnukedotnetnukeMatch4.9.1
ORdotnetnukedotnetnukeMatch4.9.2
ORdotnetnukedotnetnukeMatch4.9.3
ORdotnetnukedotnetnukeMatch4.9.4
ORdotnetnukedotnetnukeMatch4.9.5
ORdotnetnukedotnetnukeMatch5.0.0
ORdotnetnukedotnetnukeMatch5.0.1
ORdotnetnukedotnetnukeMatch5.1.0
ORdotnetnukedotnetnukeMatch5.1.1
ORdotnetnukedotnetnukeMatch5.1.2
ORdotnetnukedotnetnukeMatch5.1.3
ORdotnetnukedotnetnukeMatch5.1.4
ORdotnetnukedotnetnukeMatch5.2.0
ORdotnetnukedotnetnukeMatch5.2.1
ORdotnetnukedotnetnukeMatch5.2.2
ORdotnetnukedotnetnukeMatch5.2.3
ORdotnetnukedotnetnukeMatch5.3.0
ORdotnetnukedotnetnukeMatch5.3.1
ORdotnetnukedotnetnukeMatch5.4.0
ORdotnetnukedotnetnukeMatch5.4.1
ORdotnetnukedotnetnukeMatch5.4.2
ORdotnetnukedotnetnukeMatch5.4.3
ORdotnetnukedotnetnukeMatch5.4.4
ORdotnetnukedotnetnukeMatch5.5.0
ORdotnetnukedotnetnukeMatch5.5.1
ORdotnetnukedotnetnukeMatch5.6.0
ORdotnetnukedotnetnukeMatch5.6.1
ORdotnetnukedotnetnukeMatch5.6.2
Node
dotnetnukedotnetnukeMatch6.0.0
ORdotnetnukedotnetnukeMatch6.0.1
ORdotnetnukedotnetnukeMatch6.0.2
Related
nvd
nvd
CVE-2012-1036
2012-04-11 10:39:26
cvelist
cvelist
CVE-2012-1036
2022-10-03 16:15:24
msvr
msvr
Vulnerability in DotNetNuke Could Allow Arbitrary Script Execution
2012-02-21 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2018-11-16 01:50:11
prion
prion
Cross site scripting
2012-04-11 10:39:00
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
45.8%
Related for CVE-2012-1036