CVE-2012-1034

{"id": "CVE-2012-1034", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2012-02-08T11:55:03.937", "references": [{"url": "http://secunia.com/advisories/47910", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/", "source": "cve@mitre.org"}, {"url": "http://world.episerver.com/PageFiles/110367/BugList.txt", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/51877", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en la interfaz de administrador en EPiServer CMS hasta 6R2 permite a atacantes remotos inyectar c\u00f3digo web script o HTML a trav\u00e9s de vectores no especificados."}], "lastModified": "2012-02-14T04:11:16.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:episerver:episerver_cms:5.1.422.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA4708D8-7D1D-45A2-B8AB-37D3C9FDE8DB"}, {"criteria": "cpe:2.3:a:episerver:episerver_cms:5.1.422.122:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3A9EECC-992F-407B-B0FB-F3B4F13BA375"}, {"criteria": "cpe:2.3:a:episerver:episerver_cms:5.1.422.256:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F91AA207-464D-433D-8075-4E05DF5E63D5"}, {"criteria": "cpe:2.3:a:episerver:episerver_cms:5.1.422.267:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFCAEBA3-D8F7-4964-9A43-73FDF31A7006"}, {"criteria": "cpe:2.3:a:episerver:episerver_cms:5.2.375.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC249D83-8293-45CD-815B-3D953B02CF0C"}, {"criteria": "cpe:2.3:a:episerver:episerver_cms:5.2.375.133:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8F88DC9-64AE-4896-BC6F-FB30C9B942D3"}, {"criteria": "cpe:2.3:a:episerver:episerver_cms:5.2.375.236:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F8E49CA-CC2C-42A8-862E-E0A8AEDB332B"}, {"criteria": "cpe:2.3:a:episerver:episerver_cms:6.0.530.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9504F8E-CB51-4914-A850-3076083A6BFD"}, {"criteria": "cpe:2.3:a:episerver:episerver_cms:6.1.379.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE869BD5-0238-4829-B5C6-FECE1A5709DC"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}