CVE-2012-1036
Published Apr 11, 2012
Last updated 13 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in the telerik HTML editor in DotNetNuke before 5.6.4 and 6.x before 6.1.0 allows remote attackers to inject arbitrary web script or HTML via a message.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "869CAA52-4241-4049-A018-A2E3551AED90",
"versionEndIncluding": "5.6.3"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6EB0D105-8943-4DC8-A513-064B1ABC4A9D"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "403D90A9-C191-496A-BBB9-4915D39B675D"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B40DA1D-12CF-4DFF-9364-D60A53ED898D"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39FED945-3341-4736-95C4-88CFE8B48E83"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B9C52F9-E7B7-4EA2-84FD-C78A3EF17893"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:4.9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4EFE03E3-0F41-4921-916F-56CDCCE77602"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7C8162B-2426-48F5-A143-FA7425F961B2"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40D39FE4-5D47-462B-B46E-19F6BE2F6197"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DD98E0F-ABC7-43CF-B2C2-D0027D3D27B0"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFAD2896-6A9C-4953-8074-E689F359C900"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74B90994-F7F0-4BC9-99E4-E798B98899AD"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A6FB531-44C1-4EA1-B69D-0D591673D7C2"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B3A0857-2E5D-4BCD-AAE6-D50FCAE6FF67"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E96050B6-DE09-49DF-8D6D-1F110AC609EC"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E32FB03-B65E-4FD3-9595-ED8D19F2ABD8"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEF953F4-BCAB-4FBA-AEA1-3846E0C19BCD"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CD34D98-57B1-4567-B22A-69BCDA96367B"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E7DD606-ACEC-49F7-968B-93CE92DE0FAD"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3364254-4E9D-4218-BAA6-366A59B3D278"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC69C5AD-E642-4975-BF78-0A87A98C0033"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CF511FB-9BF5-4282-BD46-E7B173B4C554"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60DB93BB-9E8C-495C-B6F9-96DE89864A7D"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25638D29-3B1C-4093-B85F-622EC84168D2"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26FC5FB1-A6CA-4099-8068-6F01A3A15BB7"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1DE6781-FF23-41F3-AC24-4574DB091970"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E03F432-AAEC-49FC-97FE-C816FCC3D8E7"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "805FB485-A468-442F-94B0-FFC51FBB8891"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8FC888B-C2EE-459B-9E57-C11C79BDDDBF"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:5.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D38E404-2A46-4014-ABEB-DFAD5AB2EA95"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:6.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD207A4C-44F1-4847-B292-01C8C191B491"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:6.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4BDAD531-DE65-4F97-A499-AB22F1141BDB"
},
{
"criteria": "cpe:2.3:a:dotnetnuke:dotnetnuke:6.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BE49B821-1C36-4309-B51F-0CB8F79D2329"
}
],
"operator": "OR"
}
]
}
]