Lucene search

K

MitreCVELIST:CVE-2012-1262

HistoryMar 03, 2012 - 2:00 a.m.

CVE-2012-1262

2012-03-0302:00:00

mitre

www.cve.org

5.4 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.5%

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.

References

jvn.jp/en/jp/JVN49836527/index.html

jvndb.jvn.jp/jvndb/JVNDB-2012-000016

osvdb.org/79470

packetstormsecurity.org/files/110203/Movable-Type-Publishing-Platform-Cross-Site-Scripting.html

seclists.org/fulldisclosure/2012/Feb/407

www.debian.org/security/2012/dsa-2423

www.movabletype.org/2012/02/movable_type_513_507_and_438_security_updates.html

www.movabletype.org/documentation/appendices/release-notes/513.html

www.securityfocus.com/bid/52138

www.securitytracker.com/id?1026738

exchange.xforce.ibmcloud.com/vulnerabilities/73411

exchange.xforce.ibmcloud.com/vulnerabilities/73480

www.trustwave.com/spiderlabs/advisories/TWSL2012-003.txt

5.4 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.5%

Related for CVELIST:CVE-2012-1262

cve2 prion2 nvd2 ubuntucve2 cvelist1 packetstorm1 jvn1 nessus1 openvas2 securityvulns1