Lucene search

[email protected]CVE-2012-4563

HistoryNov 20, 2012 - 12:55 a.m.

CVE-2012-4563

2012-11-2000:55:01

CWE-79

[email protected]

web.nvd.nist.gov

cve-2012-4563

cross-site scripting

xss

google web toolkit

gwt

web security

vulnerability

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.6%

JSON

Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2.4 Beta and release candidates before 2.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

googleweb_toolkitMatch2.4beta

CPENameOperatorVersion
google:web_toolkitgoogle web toolkiteq2.4

CPE	Name	Operator	Version
google:web_toolkit	google web toolkit	eq	2.4

References

www.openwall.com/lists/oss-security/2012/10/31/1

www.securityfocus.com/bid/56336

developers.google.com/web-toolkit/release-notes#Release_Notes_2_4_0

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.6%

JSON

Related for CVE-2012-4563

nvd2 cvelist2 prion2 ibm1 cve1 ubuntucve1