Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-3414
HistoryJul 19, 2013 - 2:36 p.m.

CVE-2012-3414

2013-07-1914:36:00
CWE-79
[email protected]
web.nvd.nist.gov
93
cve-2012-3414
cross-site scripting
xss
swfupload
wordpress 3.3.2
tinymce image manager
nvd

5.4 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.034 Low

EPSS

Percentile

91.4%

JSON

Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the โ€œExternalInterface.callโ€ function.

Related

seebug 1
zdt 2
packetstorm 4
threatpost 2
securityvulns 5
openvas 2
debiancve 2
prion 4
typo3 1
patchstack 1
ubuntucve 2
cve 3
nessus 1
seebug
seebug
Turbomail้‚ฎไปถ็ณป็ปŸXSS-1
2014-12-24 00:00:00
zdt
zdt
Dotclear XSS Vulnerabilities
2013-04-14 00:00:00
Wordpress Plugin (wp-e-commerce v3.8.9.5) Multiple Vulnerabilities
2014-01-23 00:00:00
packetstorm
packetstorm
WordPress 3.3.1 swfupload.swf Cross Site Scripting
2012-11-09 00:00:00
SWF Upload Cross Site Scripting
2012-11-13 00:00:00
Dotclear 2.4.4 Cross Site Scripting / Content Spoofing
2013-04-13 00:00:00
threatpost
threatpost
Issue with SWFUploader Could Lead to XSS Vulnerabilities, Content Spoofing
2013-03-12 19:10:36
Yahoo Mail Breach Linked to Old WordPress Vulnerability
2013-02-01 03:42:54
securityvulns
securityvulns
CS and XSS vulnerabilities in SWFUpload
2013-03-11 00:00:00
XSS and CS vulnerabilities in Dotclear
2013-05-06 00:00:00
XSS vulnerability in swfupload in WordPress
2012-11-18 00:00:00
openvas
openvas
FreeBSD Ports: typo3
2012-08-10 00:00:00
TYPO3 SWFUpload movieName Cross Site Scripting Vulnerability
2014-01-02 00:00:00
debiancve
debiancve
CVE-2012-3414
2013-07-19 14:36:00
CVE-2012-2399
2012-04-21 23:55:00
prion
prion
Cross site scripting
2013-07-19 14:36:00
Design/Logic Flaw
2022-06-30 13:15:00
Cross site scripting
2012-04-21 23:55:00
typo3
typo3
Cross-Site Scripting Vulnerability in TYPO3 Core
2012-07-04 00:00:00
patchstack
patchstack
WordPress SWFUpload Plugin <= 2.2.0.1 - XSS #1
2012-06-14 00:00:00
ubuntucve
ubuntucve
CVE-2012-3414
2013-07-19 00:00:00
CVE-2012-2399
2012-04-21 00:00:00
cve
cve
CVE-2013-4146
2022-06-30 13:15:00
CVE-2012-2399
2012-04-21 23:55:00
CVE-2013-4145
2014-04-27 04:32:00
nessus
nessus
WordPress < 3.3.2 Multiple Vulnerabilities
2012-05-09 00:00:00

5.4 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.034 Low

EPSS

Percentile

91.4%

JSON
Related for CVE-2012-3414
seebug1zdt2packetstorm4threatpost2securityvulns5openvas2debiancve2prion4typo31patchstack1ubuntucve2cve3nessus1