CVE-2012-1070Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2012-1070 | First vendor Publication | 2012-02-14 |
| Vendor | Cve | Last vendor Modification | 2012-02-15 |
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 4.3 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentification | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
Cross-site scripting (XSS) vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the "return url parameter." |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1070 |
CWE : Common Weakness Enumeration
| id | Name |
|---|---|
| CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 5 |
Internal Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2013-05-10 22:34:37 |
|
