Lucene search
HistoryNov 24, 2012 - 8:55 p.m.
CVE-2012-2247
security
cve-2012-2247
mahara
xss
vulnerability
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7.2 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.9%
Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to artefact/file/ and a crafted SVG file.
Affected configurations
Node
maharamaharaMatch1.4rc1
ORmaharamaharaMatch1.4rc2
ORmaharamaharaMatch1.4rc3
ORmaharamaharaMatch1.4rc4
ORmaharamaharaMatch1.4.0
ORmaharamaharaMatch1.4.1
ORmaharamaharaMatch1.4.2
ORmaharamaharaMatch1.4.3
ORmaharamaharaMatch1.4.4
Node
maharamaharaMatch1.5rc1
ORmaharamaharaMatch1.5rc2
ORmaharamaharaMatch1.5.0
ORmaharamaharaMatch1.5.1
ORmaharamaharaMatch1.5.2
ORmaharamaharaMatch1.5.3
Related
cvelist
cvelist
CVE-2012-2247
2012-11-24 20:00:00
ubuntucve
ubuntucve
CVE-2012-2247
2012-11-24 00:00:00
prion
prion
Cross site scripting
2012-11-24 20:55:00
nvd
nvd
CVE-2012-2247
2012-11-24 20:55:02
openvas
openvas
Debian Security Advisory DSA 2591-1 (mahara - several vulnerabilities)
2013-09-18 00:00:00
Debian: Security Advisory (DSA-2591-1)
2013-09-18 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2591-1] mahara security update
2013-01-02 00:00:00
nessus
nessus
Debian DSA-2591-1 : mahara - several vulnerabilities
2012-12-28 00:00:00
debian
debian
[SECURITY] [DSA 2591-1] mahara security update
2012-12-28 01:08:41
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7.2 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.9%
Related for CVE-2012-2247