CVE-2012-2381
Published Jun 26, 2012
Last updated 11 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the blogger role.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:roller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D20B87F4-A828-41E5-8AC8-25985C7F319C",
"versionEndIncluding": "5.0"
},
{
"criteria": "cpe:2.3:a:apache:roller:0.9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F70FBEB-3A04-40BF-8AA8-3F9AF53F0920"
},
{
"criteria": "cpe:2.3:a:apache:roller:0.9.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6993AA5A-A5C1-4B30-8F6A-38C061A366B7"
},
{
"criteria": "cpe:2.3:a:apache:roller:0.9.6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "523BDB39-09A2-4319-931D-3D8504B0B126"
},
{
"criteria": "cpe:2.3:a:apache:roller:0.9.6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8080AE6C-BA70-41BC-AC6F-94548676FC77"
},
{
"criteria": "cpe:2.3:a:apache:roller:0.9.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28B31498-7E52-4BCE-A58D-68F2CED9B620"
},
{
"criteria": "cpe:2.3:a:apache:roller:0.9.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA136C3F-4B08-4845-8FA8-DA5A7767CB2E"
},
{
"criteria": "cpe:2.3:a:apache:roller:0.9.7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F376A413-525A-41BF-8D00-1DC55226CDF3"
},
{
"criteria": "cpe:2.3:a:apache:roller:0.9.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "018B884B-9D02-4959-9130-10C75530A91F"
},
{
"criteria": "cpe:2.3:a:apache:roller:0.9.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "284BF572-5605-4B6E-8FBF-754E54F12CEC"
},
{
"criteria": "cpe:2.3:a:apache:roller:0.9.8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF1117E1-4451-4F5E-B925-04566199DB6B"
},
{
"criteria": "cpe:2.3:a:apache:roller:0.9.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F86BCB32-C632-40D6-B4E4-FBBE87CAA3D8"
},
{
"criteria": "cpe:2.3:a:apache:roller:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9BEAE344-2BD7-4B2E-861F-1520196B8D4E"
},
{
"criteria": "cpe:2.3:a:apache:roller:1.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C14BE36-AB4E-4BFD-9B11-09A727FEC11A"
},
{
"criteria": "cpe:2.3:a:apache:roller:1.0:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "988BB150-C424-4D34-852D-6969CF0172CC"
},
{
"criteria": "cpe:2.3:a:apache:roller:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8361AAA-B0C9-430D-A8EC-442011D3D42C"
},
{
"criteria": "cpe:2.3:a:apache:roller:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "577EFDD0-F00E-4998-90E6-9E3C667A633C"
},
{
"criteria": "cpe:2.3:a:apache:roller:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53EE6EAE-2A06-406D-81B1-C75AF74DBC8E"
},
{
"criteria": "cpe:2.3:a:apache:roller:1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AFB95A89-FC3A-412B-A014-110A38713281"
},
{
"criteria": "cpe:2.3:a:apache:roller:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B015301F-79BE-4FDB-940C-F285175C842A"
},
{
"criteria": "cpe:2.3:a:apache:roller:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "074B2F86-B547-44CB-A48E-11D563D5015A"
},
{
"criteria": "cpe:2.3:a:apache:roller:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C0E92CA-3474-4EDA-939E-91E6317AADA5"
},
{
"criteria": "cpe:2.3:a:apache:roller:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C3EDA62-3386-4E44-AD29-54FAEF630E9D"
},
{
"criteria": "cpe:2.3:a:apache:roller:2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5EF26410-650F-49F3-B25E-F068FF0A9AE9"
},
{
"criteria": "cpe:2.3:a:apache:roller:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A534608D-B224-41CC-ADDA-024D2546DD8B"
},
{
"criteria": "cpe:2.3:a:apache:roller:2.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "161EC86B-F5D3-4CFE-95DB-096646B8C34F"
},
{
"criteria": "cpe:2.3:a:apache:roller:2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C4F6585-17A3-4EF7-AF04-609AEAA3084F"
},
{
"criteria": "cpe:2.3:a:apache:roller:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "113D4B57-9D4E-408B-A1D0-80CAE862CF77"
},
{
"criteria": "cpe:2.3:a:apache:roller:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B13BC4B-6DC9-44CD-AC45-DF4CDBF6BA30"
},
{
"criteria": "cpe:2.3:a:apache:roller:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB9B4815-4B5F-488A-B498-1065E74ECA05"
},
{
"criteria": "cpe:2.3:a:apache:roller:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "558E1D25-794A-49EF-AEEA-35B0A697634D"
}
],
"operator": "OR"
}
]
}
]