3 matches found
CVE-2012-1039
CVE-2012-1039 involves multiple XSS vulnerabilities in Dotclear up to version 2.4.2. The issues allow remote attackers to inject arbitrary script/HTML via several parameters: login_data (admin/auth.php), nb (admin/blogs.php), type/sortby/order/status (admin/comments.php), and page (admin/plugin.p...
Dotclear 2.4.1.2 Cross Site Scripting
Advisory ID: HTB23074 Product: Dotclear Vendor: Dotclear Vulnerable Versions: 2.4.1.2 and probably prior Tested Version: 2.4.1.2 Vendor Notification: 8 February 2012 Vendor Patch: 9 February 2012 Public Disclosure: 29 February 2012 Vulnerability Type: Cross Site Scripting XSS CVE References:...
Multiple XSS in Dotclear 2.4.1.2
No description provided by source. Advisory ID: HTB23074 Product: Dotclear Vendor: Dotclear Vulnerable Versions: 2.4.1.2 and probably prior Tested Version: 2.4.1.2 Vendor Notification: 8 February 2012 Vendor Patch: 9 February 2012 Public Disclosure: 29 February 2012 Vulnerability Type: Cross Site...