Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-2644
cve-2012-2644
cross-site scripting
xss
mt4i plugin
movable type
remote attackers
security vulnerability
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.8%
Cross-site scripting (XSS) vulnerability in the MT4i plugin 3.1 beta 4 and earlier for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-2642.
Affected configurations
Node
hazamamt4iRange≤3.1beta_4
ORsix_apartmovable_type
| CPE | Name | Operator | Version |
|---|---|---|---|
| hazama:mt4i | hazama mt4i | le | 3.1 |
Related
prion
prion
Cross site scripting
2012-07-07 10:21:00
Cross site scripting
2012-07-07 10:21:00
cvelist
cvelist
CVE-2012-2642
2022-10-03 16:15:36
CVE-2012-2644
2022-10-03 16:15:35
nvd
nvd
CVE-2012-2642
2012-07-07 10:21:13
CVE-2012-2644
2012-07-07 10:21:13
cve
cve
CVE-2012-2642
2022-10-03 16:15:36
jvn
jvn
JVN#79111101: Movable Type plugin MT4i vulnerable to cross-site scripting
2012-07-06 00:00:00
JVN#80835745: Movable Type plugin MT4i vulnerable to cross-site scripting
2012-07-06 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.8%
Related for CVE-2012-2644