CVE

Id
54262  
CVE No.
CVE-2012-1019  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in XWiki Enterprise 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) XWiki.XWikiComments_comment parameter to xwiki/bin/commentadd/Main/WebHome, (2) XWiki.XWikiUsers_0_company parameter when editing a user profile, or (3) projectVersion parameter to xwiki/bin/view/DownloadCode/DownloadFeedback. NOTE: some of these details are obtained from third party information.  
Phase
Assigned (20120207)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
570224 54262 CVE-2012-1019 MISC:http://packetstormsecurity.org/files/109447/XWiki-Enterprise-3.4-Cross-Site-Scripting.html  View
570225 54262 CVE-2012-1019 MISC:http://st2tea.blogspot.com/2012/02/xwiki-cross-site-scripting.html  View
570226 54262 CVE-2012-1019 BID:51867  View
570227 54262 CVE-2012-1019 URL:http://www.securityfocus.com/bid/51867  View
570228 54262 CVE-2012-1019 SECUNIA:47885  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
25638 JVNDB-2012-001345 Enigma2 Webinterface のファイルにおけるディレクトリトラバーサルの脆弱性 Enigma2 Webinterface のファイルには、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2012-1024 54262 5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001345.html  View