CPANSA-RT-Extension-MobileUI-2012-01: RT-Extension-MobileUI vulnerability
| Publisher | giterlizzi | Document category | csaf_security_advisory |
|---|---|---|---|
| Initial release date | 2012-05-18T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
| Current release date | 2012-05-18T00:00:00 | Build Date | |
| Current version | 1 | Status | final |
| CVSS v3.1 Base Score | Severity | ||
| Original language | Language | en | |
| Also referred to | |||
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page.
Vulnerabilities
CVE-2012-2769
Vulnerability DescriptionMultiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the Extension::MobileUI extension before 1.02 for Best Practical Solutions RT 3.8.x and in Best Practical Solutions RT before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
| Weakness | CWE-79 : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
|---|
Product status
Known affected
| Product | Score | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| RT-Extension-MobileUI less than 1.02 |
|
Fixed
- RT-Extension-MobileUI greater than or equal 1.02
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-RT-Extension-MobileUI-2012-01 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2012/cpansa-rt-extension-mobileui-2012-01.json - https://metacpan.org/changes/distribution/RT-Extension-MobileUI external
https://metacpan.org/changes/distribution/RT-Extension-MobileUI - CVE-2012-2769 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2012-2769
Revision history
| Version | Date of the revision | Summary of the revision |
|---|---|---|
| 1 | Fri May 18 00:00:00 2012 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/