Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-6662
HistoryNov 24, 2014 - 12:00 a.m.

CVE-2012-6662

2014-11-2400:00:00
ubuntu.com
ubuntu.com
13

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.003

Percentile

66.0%

Cross-site scripting (XSS) vulnerability in the default content option in
jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0
allows remote attackers to inject arbitrary web script or HTML via the
title attribute, which is not properly handled in the autocomplete combo
box demo.

Bugs

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.003

Percentile

66.0%