CVE

Id
59388  
CVE No.
CVE-2012-6145  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.  
Phase
Assigned (20121206)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
604958 59388 CVE-2012-6145 MLIST:[oss-security] 20130619 Re: Re: [Ticket#2012111110000015] TYPO3-CORE-SA-2012-005: Several Vulnerabilities in TYPO3 Core  View
604959 59388 CVE-2012-6145 URL:http://www.openwall.com/lists/oss-security/2013/06/19/4  View
604960 59388 CVE-2012-6145 CONFIRM:http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/  View
604961 59388 CVE-2012-6145 OSVDB:87116  View
604962 59388 CVE-2012-6145 URL:http://osvdb.org/87116  View
604963 59388 CVE-2012-6145 XF:typo3-backendhistory-unspecified-xss(79965)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
30373 JVNDB-2012-006081 Samba の nsswitch/pam_winbind.c の winbind_name_list_to_sid_string_list 関数におけるアクセス制限を回避される脆弱性 Samba の nsswitch/pam_winbind.c 内の winbind_name_list_to_sid_string_list 関数は、すべてのユーザによる認証を受け入れることで無効な require_membership_of グループ名を処理するため、アクセス制限を回避される脆弱性が存在します。 CVE-2012-6150 59388 3.6 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-006081.html  View