CVE-2012-4071

Cross-site scripting (XSS) vulnerability in the comments module in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to inject arbitrary web script or HTML via crafted BBCode markup in a comment.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:rsgallery2:com_rsgallery2:*:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.0-4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.6:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.7:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.8:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.9:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.10:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.11:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.13:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.14:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.3:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.6:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.7:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.8:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.10:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.11:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.13.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.13.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.14.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.14.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:2.1.0:beta:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:2.2.0:*:*:*:*:*:*:*
OR cpe:2.3:a:joomla:joomla\!:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.5:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.6:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.7:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.8:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.9:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.10:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.11:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.12:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.13:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.14:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.15:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.15:rc:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.16:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.17:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.18:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.19:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.20:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.21:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.22:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.23:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.24:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.25:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:1.5.26:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:rsgallery2:com_rsgallery2:*:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.0-4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.9.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.6:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.7:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.8:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.9:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.10:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.11:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.13:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.10.14:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.3:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.4:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.5:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.6:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.7:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.8:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.10:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.11.11:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.12.2:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.13.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.13.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.14.0:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:1.14.1:alpha:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:2.1.0:beta:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:rsgallery2:com_rsgallery2:3.0.1:*:*:*:*:*:*:*
OR cpe:2.3:a:joomla:joomla\!:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:2.5.6:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-08-10 10:34

Updated : 2024-02-04 18:16


NVD link : CVE-2012-4071

Mitre link : CVE-2012-4071

CVE.ORG link : CVE-2012-4071


JSON object : View

Products Affected

joomla

  • joomla\!

rsgallery2

  • com_rsgallery2
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')