Lucene search

[email protected]CVE-2012-1992

HistoryApr 11, 2012 - 10:39 a.m.

CVE-2012-1992

2012-04-1110:39:27

CWE-79

[email protected]

web.nvd.nist.gov

cve-2012-1992

cross-site scripting

xss vulnerability

cms made simple

admin

edit user

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.1%

JSON

Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter (aka the Email Address field in the Edit User template).

Affected configurations

NVD

Node

cmsmadesimplecms_made_simpleRange≤1.10.3

cmsmadesimplecms_made_simpleMatch0.1

cmsmadesimplecms_made_simpleMatch0.2

cmsmadesimplecms_made_simpleMatch0.2.1

cmsmadesimplecms_made_simpleMatch0.3

cmsmadesimplecms_made_simpleMatch0.3.1

cmsmadesimplecms_made_simpleMatch0.3.2

cmsmadesimplecms_made_simpleMatch0.4

cmsmadesimplecms_made_simpleMatch0.4.1

cmsmadesimplecms_made_simpleMatch0.5

cmsmadesimplecms_made_simpleMatch0.5.1

cmsmadesimplecms_made_simpleMatch0.6

cmsmadesimplecms_made_simpleMatch0.6.1

cmsmadesimplecms_made_simpleMatch0.6.2

cmsmadesimplecms_made_simpleMatch0.6.3

cmsmadesimplecms_made_simpleMatch0.7

cmsmadesimplecms_made_simpleMatch0.7.1

cmsmadesimplecms_made_simpleMatch0.7.2

cmsmadesimplecms_made_simpleMatch0.7.3

cmsmadesimplecms_made_simpleMatch0.8

cmsmadesimplecms_made_simpleMatch0.8.1

cmsmadesimplecms_made_simpleMatch0.8.2

cmsmadesimplecms_made_simpleMatch0.9

cmsmadesimplecms_made_simpleMatch0.9.1

cmsmadesimplecms_made_simpleMatch0.9.2

cmsmadesimplecms_made_simpleMatch0.10

cmsmadesimplecms_made_simpleMatch0.10.1

cmsmadesimplecms_made_simpleMatch0.10.2

cmsmadesimplecms_made_simpleMatch0.10.3

cmsmadesimplecms_made_simpleMatch0.10.4

cmsmadesimplecms_made_simpleMatch0.11

cmsmadesimplecms_made_simpleMatch0.11beta5

cmsmadesimplecms_made_simpleMatch0.11beta6

cmsmadesimplecms_made_simpleMatch0.11.1

cmsmadesimplecms_made_simpleMatch0.11.2

cmsmadesimplecms_made_simpleMatch0.12

cmsmadesimplecms_made_simpleMatch0.12beta1

cmsmadesimplecms_made_simpleMatch0.12beta2

cmsmadesimplecms_made_simpleMatch0.12.1

cmsmadesimplecms_made_simpleMatch0.12.2

cmsmadesimplecms_made_simpleMatch0.13

cmsmadesimplecms_made_simpleMatch0.13beta1

cmsmadesimplecms_made_simpleMatch0.13beta2

cmsmadesimplecms_made_simpleMatch0.13beta3

cmsmadesimplecms_made_simpleMatch1.0

cmsmadesimplecms_made_simpleMatch1.0beta1

cmsmadesimplecms_made_simpleMatch1.0beta2

cmsmadesimplecms_made_simpleMatch1.0beta3

cmsmadesimplecms_made_simpleMatch1.0beta4

cmsmadesimplecms_made_simpleMatch1.0beta5

cmsmadesimplecms_made_simpleMatch1.0beta6

cmsmadesimplecms_made_simpleMatch1.0.1

cmsmadesimplecms_made_simpleMatch1.0.2

cmsmadesimplecms_made_simpleMatch1.0.3

cmsmadesimplecms_made_simpleMatch1.0.4

cmsmadesimplecms_made_simpleMatch1.0.5

cmsmadesimplecms_made_simpleMatch1.0.6

cmsmadesimplecms_made_simpleMatch1.0.7

cmsmadesimplecms_made_simpleMatch1.0.8

cmsmadesimplecms_made_simpleMatch1.1

cmsmadesimplecms_made_simpleMatch1.1rc1

cmsmadesimplecms_made_simpleMatch1.1rc2

cmsmadesimplecms_made_simpleMatch1.1rc3

cmsmadesimplecms_made_simpleMatch1.1.1

cmsmadesimplecms_made_simpleMatch1.1.2

cmsmadesimplecms_made_simpleMatch1.1.3

cmsmadesimplecms_made_simpleMatch1.1.3.1

cmsmadesimplecms_made_simpleMatch1.1.4

cmsmadesimplecms_made_simpleMatch1.1.4.1

cmsmadesimplecms_made_simpleMatch1.2

cmsmadesimplecms_made_simpleMatch1.2beta1

cmsmadesimplecms_made_simpleMatch1.2beta2

cmsmadesimplecms_made_simpleMatch1.2beta3

cmsmadesimplecms_made_simpleMatch1.2rc1

cmsmadesimplecms_made_simpleMatch1.2.1

cmsmadesimplecms_made_simpleMatch1.2.2

cmsmadesimplecms_made_simpleMatch1.2.3

cmsmadesimplecms_made_simpleMatch1.2.4

cmsmadesimplecms_made_simpleMatch1.2.5

cmsmadesimplecms_made_simpleMatch1.3

cmsmadesimplecms_made_simpleMatch1.3beta1

cmsmadesimplecms_made_simpleMatch1.3beta2

cmsmadesimplecms_made_simpleMatch1.3.1

cmsmadesimplecms_made_simpleMatch1.4

cmsmadesimplecms_made_simpleMatch1.4beta1

cmsmadesimplecms_made_simpleMatch1.4beta2

cmsmadesimplecms_made_simpleMatch1.4.1

cmsmadesimplecms_made_simpleMatch1.5

cmsmadesimplecms_made_simpleMatch1.5beta1

cmsmadesimplecms_made_simpleMatch1.5.1

cmsmadesimplecms_made_simpleMatch1.5.2

cmsmadesimplecms_made_simpleMatch1.5.3

cmsmadesimplecms_made_simpleMatch1.5.4

cmsmadesimplecms_made_simpleMatch1.6

cmsmadesimplecms_made_simpleMatch1.6.1

cmsmadesimplecms_made_simpleMatch1.6.2

cmsmadesimplecms_made_simpleMatch1.6.3

cmsmadesimplecms_made_simpleMatch1.6.4

cmsmadesimplecms_made_simpleMatch1.6.5

cmsmadesimplecms_made_simpleMatch1.6.6

cmsmadesimplecms_made_simpleMatch1.6.7

cmsmadesimplecms_made_simpleMatch1.6.8

cmsmadesimplecms_made_simpleMatch1.7

cmsmadesimplecms_made_simpleMatch1.7.1

cmsmadesimplecms_made_simpleMatch1.8

cmsmadesimplecms_made_simpleMatch1.8.1

cmsmadesimplecms_made_simpleMatch1.8.2

cmsmadesimplecms_made_simpleMatch1.9

cmsmadesimplecms_made_simpleMatch1.9.1

cmsmadesimplecms_made_simpleMatch1.9.2

cmsmadesimplecms_made_simpleMatch1.9.3

cmsmadesimplecms_made_simpleMatch1.9.4

cmsmadesimplecms_made_simpleMatch1.9.4.1

cmsmadesimplecms_made_simpleMatch1.9.4.2

cmsmadesimplecms_made_simpleMatch1.9.4.3

cmsmadesimplecms_made_simpleMatch1.10

cmsmadesimplecms_made_simpleMatch1.10.1

cmsmadesimplecms_made_simpleMatch1.10.2

CPENameOperatorVersion
cmsmadesimple:cms_made_simplecmsmadesimple cms made simplele1.10.3
cmsmadesimple:cms_made_simplecmsmadesimple cms made simpleeq0.1
cmsmadesimple:cms_made_simplecmsmadesimple cms made simpleeq0.2
cmsmadesimple:cms_made_simplecmsmadesimple cms made simpleeq0.2.1
cmsmadesimple:cms_made_simplecmsmadesimple cms made simpleeq0.3
cmsmadesimple:cms_made_simplecmsmadesimple cms made simpleeq0.3.1
cmsmadesimple:cms_made_simplecmsmadesimple cms made simpleeq0.3.2
cmsmadesimple:cms_made_simplecmsmadesimple cms made simpleeq0.4
cmsmadesimple:cms_made_simplecmsmadesimple cms made simpleeq0.4.1
cmsmadesimple:cms_made_simplecmsmadesimple cms made simpleeq0.5

CPE	Name	Operator	Version
cmsmadesimple:cms_made_simple	cmsmadesimple cms made simple	le	1.10.3
cmsmadesimple:cms_made_simple	cmsmadesimple cms made simple	eq	0.1
cmsmadesimple:cms_made_simple	cmsmadesimple cms made simple	eq	0.2
cmsmadesimple:cms_made_simple	cmsmadesimple cms made simple	eq	0.2.1
cmsmadesimple:cms_made_simple	cmsmadesimple cms made simple	eq	0.3
cmsmadesimple:cms_made_simple	cmsmadesimple cms made simple	eq	0.3.1
cmsmadesimple:cms_made_simple	cmsmadesimple cms made simple	eq	0.3.2
cmsmadesimple:cms_made_simple	cmsmadesimple cms made simple	eq	0.4
cmsmadesimple:cms_made_simple	cmsmadesimple cms made simple	eq	0.4.1
cmsmadesimple:cms_made_simple	cmsmadesimple cms made simple	eq	0.5

Rows per page:

1-10 of 931

References

www.securityfocus.com/bid/52850

www.webapp-security.com/wp-content/uploads/2012/04/CMS-Made-Simple-1.10.3-XSS-Vulnerability2.txt

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.1%

JSON

Related for CVE-2012-1992

packetstorm1 prion1 cvelist1 nvd1