CVE-2012-2768

{"id": "CVE-2012-2768", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2012-08-15T21:55:01.633", "references": [{"url": "http://lists.bestpractical.com/pipermail/rt-announce/2012-July/000208.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/50024", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/50440", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/54689", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77212", "source": "cve@mitre.org"}, {"url": "http://lists.bestpractical.com/pipermail/rt-announce/2012-July/000208.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/50024", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/50440", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/54689", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77212", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the RTFM extension 2.0.4 through 2.4.3 for Best Practical Solutions RT allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en la p\u00e1gina de administraci\u00f3n de tema en la extensi\u00f3n RTFM v2.0.4 hasta la v2.4.3 para (Best Practical Solutions RT) permite a atacantes remotos inyectar c\u00f3digo web o HTML arbitrario a trav\u00e9s de vectores no especificados."}], "lastModified": "2024-11-21T01:39:35.570", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "551E363E-C32E-4200-8BDA-B32F4449EA5A"}, {"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F95BB00B-B22F-4AB3-A578-576876203FC2"}, {"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42B3DD1D-9C66-4E73-8A21-7196FBCE9949"}, {"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AA68147-5BF1-4462-B45F-3E1BC08C03DA"}, {"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53DC7E7D-50F3-46AB-8338-F7C9DB4C0FCD"}, {"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C580B2B7-D752-4F78-B436-1F57D03B2F83"}, {"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5DEE593-A59D-4078-BC63-B13A78AA28D0"}, {"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01C0904A-06CE-48F8-B693-0DB5B56B9033"}, {"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C1D477B-91E1-4FD4-A8D0-C67965686231"}, {"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B81EE06C-2DC5-4413-88A6-98F54EFDBC2B"}, {"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.0.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C346E237-1CC9-4DDC-9992-E840D9A7E6D9"}, {"criteria": "cpe:2.3:a:best_practical_solutions:request_tracker:2.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE3D2F1F-9B74-4D9A-B1ED-A68638661790"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}