CVE-2012-1036

Published Apr 11, 2012
Last updated 13 years ago
CVSS info 4.3
Overview

Description: Cross-site scripting (XSS) vulnerability in the telerik HTML editor in DotNetNuke before 5.6.4 and 6.x before 6.1.0 allows remote attackers to inject arbitrary web script or HTML via a message.
Source: cve@mitre.org
NVD status: Analyzed
Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "869CAA52-4241-4049-A018-A2E3551AED90",
            "versionEndIncluding": "5.6.3"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EB0D105-8943-4DC8-A513-064B1ABC4A9D"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "403D90A9-C191-496A-BBB9-4915D39B675D"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B40DA1D-12CF-4DFF-9364-D60A53ED898D"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39FED945-3341-4736-95C4-88CFE8B48E83"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B9C52F9-E7B7-4EA2-84FD-C78A3EF17893"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EFE03E3-0F41-4921-916F-56CDCCE77602"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7C8162B-2426-48F5-A143-FA7425F961B2"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40D39FE4-5D47-462B-B46E-19F6BE2F6197"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DD98E0F-ABC7-43CF-B2C2-D0027D3D27B0"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFAD2896-6A9C-4953-8074-E689F359C900"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74B90994-F7F0-4BC9-99E4-E798B98899AD"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A6FB531-44C1-4EA1-B69D-0D591673D7C2"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B3A0857-2E5D-4BCD-AAE6-D50FCAE6FF67"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E96050B6-DE09-49DF-8D6D-1F110AC609EC"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E32FB03-B65E-4FD3-9595-ED8D19F2ABD8"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEF953F4-BCAB-4FBA-AEA1-3846E0C19BCD"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CD34D98-57B1-4567-B22A-69BCDA96367B"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E7DD606-ACEC-49F7-968B-93CE92DE0FAD"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3364254-4E9D-4218-BAA6-366A59B3D278"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC69C5AD-E642-4975-BF78-0A87A98C0033"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CF511FB-9BF5-4282-BD46-E7B173B4C554"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60DB93BB-9E8C-495C-B6F9-96DE89864A7D"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25638D29-3B1C-4093-B85F-622EC84168D2"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26FC5FB1-A6CA-4099-8068-6F01A3A15BB7"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1DE6781-FF23-41F3-AC24-4574DB091970"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E03F432-AAEC-49FC-97FE-C816FCC3D8E7"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "805FB485-A468-442F-94B0-FFC51FBB8891"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8FC888B-C2EE-459B-9E57-C11C79BDDDBF"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D38E404-2A46-4014-ABEB-DFAD5AB2EA95"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:6.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD207A4C-44F1-4847-B292-01C8C191B491"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BDAD531-DE65-4F97-A499-AB22F1141BDB"
          },
          {
            "criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE49B821-1C36-4309-B51F-0CB8F79D2329"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
