Lucene search

[email protected]CVE-2012-6527

HistoryJan 31, 2013 - 5:44 a.m.

CVE-2012-6527

2013-01-3105:44:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2012-6527

cross-site scripting

xss

my calendar

wordpress

vulnerability

web script

html

path_info

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON

Cross-site scripting (XSS) vulnerability in the My Calendar plugin before 1.10.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

Affected configurations

NVD

Node

joedolsonmy_calendarRange≤1.10.1

joedolsonmy_calendarMatch1.1.0

joedolsonmy_calendarMatch1.2.0

joedolsonmy_calendarMatch1.2.1

joedolsonmy_calendarMatch1.4.0

joedolsonmy_calendarMatch1.4.1

joedolsonmy_calendarMatch1.4.2

joedolsonmy_calendarMatch1.4.3

joedolsonmy_calendarMatch1.4.4

joedolsonmy_calendarMatch1.4.5

joedolsonmy_calendarMatch1.4.6

joedolsonmy_calendarMatch1.4.7

joedolsonmy_calendarMatch1.4.8

joedolsonmy_calendarMatch1.4.9

joedolsonmy_calendarMatch1.4.10

joedolsonmy_calendarMatch1.5.0

joedolsonmy_calendarMatch1.5.1

joedolsonmy_calendarMatch1.5.2

joedolsonmy_calendarMatch1.5.3

joedolsonmy_calendarMatch1.5.4

joedolsonmy_calendarMatch1.6.0

joedolsonmy_calendarMatch1.6.1

joedolsonmy_calendarMatch1.6.2

joedolsonmy_calendarMatch1.6.3

joedolsonmy_calendarMatch1.7.0

joedolsonmy_calendarMatch1.7.1

joedolsonmy_calendarMatch1.7.2

joedolsonmy_calendarMatch1.7.3

joedolsonmy_calendarMatch1.7.4

joedolsonmy_calendarMatch1.7.6

joedolsonmy_calendarMatch1.7.7

joedolsonmy_calendarMatch1.7.8

joedolsonmy_calendarMatch1.8.0

joedolsonmy_calendarMatch1.8.1

joedolsonmy_calendarMatch1.8.2

joedolsonmy_calendarMatch1.8.3

joedolsonmy_calendarMatch1.8.4

joedolsonmy_calendarMatch1.8.5

joedolsonmy_calendarMatch1.8.6

joedolsonmy_calendarMatch1.8.7

joedolsonmy_calendarMatch1.8.8

joedolsonmy_calendarMatch1.8.9

joedolsonmy_calendarMatch1.9.0

joedolsonmy_calendarMatch1.9.1

joedolsonmy_calendarMatch1.9.2

joedolsonmy_calendarMatch1.9.3

joedolsonmy_calendarMatch1.9.4

joedolsonmy_calendarMatch1.9.5

joedolsonmy_calendarMatch1.9.6

joedolsonmy_calendarMatch1.9.7

joedolsonmy_calendarMatch1.9.8

joedolsonmy_calendarMatch1.10.0

AND

wordpresswordpressMatch-

CPENameOperatorVersion
joedolson:my_calendarjoedolson my calendarle1.10.1
joedolson:my_calendarjoedolson my calendareq1.1.0
joedolson:my_calendarjoedolson my calendareq1.2.0
joedolson:my_calendarjoedolson my calendareq1.2.1
joedolson:my_calendarjoedolson my calendareq1.4.0
joedolson:my_calendarjoedolson my calendareq1.4.1
joedolson:my_calendarjoedolson my calendareq1.4.2
joedolson:my_calendarjoedolson my calendareq1.4.3
joedolson:my_calendarjoedolson my calendareq1.4.4
joedolson:my_calendarjoedolson my calendareq1.4.5

CPE	Name	Operator	Version
joedolson:my_calendar	joedolson my calendar	le	1.10.1
joedolson:my_calendar	joedolson my calendar	eq	1.1.0
joedolson:my_calendar	joedolson my calendar	eq	1.2.0
joedolson:my_calendar	joedolson my calendar	eq	1.2.1
joedolson:my_calendar	joedolson my calendar	eq	1.4.0
joedolson:my_calendar	joedolson my calendar	eq	1.4.1
joedolson:my_calendar	joedolson my calendar	eq	1.4.2
joedolson:my_calendar	joedolson my calendar	eq	1.4.3
joedolson:my_calendar	joedolson my calendar	eq	1.4.4
joedolson:my_calendar	joedolson my calendar	eq	1.4.5