CVE-2012-0327: XSS

Q: What is the severity of CVE-2012-0327?

CVE-2012-0327 has a medium severity level due to its potential to allow remote attackers to perform cross-site scripting (XSS) attacks.

Q: How do I fix CVE-2012-0327?

To fix CVE-2012-0327, upgrade Redmine to version 1.3.2 or later, which addresses the vulnerability.

Q: Which versions of Redmine are affected by CVE-2012-0327?

CVE-2012-0327 affects all versions of Redmine prior to 1.3.2, including versions 0.1.0 through 1.3.1.

Q: What type of vulnerability is CVE-2012-0327?

CVE-2012-0327 is a cross-site scripting (XSS) vulnerability that allows for the injection of arbitrary web scripts or HTML.

Q: Can CVE-2012-0327 impact user data?

Yes, if exploited, CVE-2012-0327 can potentially compromise user data by allowing attackers to execute malicious scripts in the context of the user's session.

First published: Wed Apr 04 2012(Updated: )

Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Credit: vultures@jpcert.or.jp

Affected Software	Affected Version	How to fix
Redmine	<=1.3.1
Redmine	=0.1.0
Redmine	=0.2.1
Redmine	=0.2.2
Redmine	=0.3.0
Redmine	=0.4.0
Redmine	=0.4.1
Redmine	=0.4.2
Redmine	=0.5.0
Redmine	=0.5.1
Redmine	=0.6.0
Redmine	=0.6.1
Redmine	=0.6.2
Redmine	=0.6.3
Redmine	=0.6.4
Redmine	=0.7.0
Redmine	=0.7.0-rc1
Redmine	=0.7.1
Redmine	=0.7.2
Redmine	=0.7.3
Redmine	=0.7.4
Redmine	=0.8.0
Redmine	=0.8.0-rc1
Redmine	=0.8.1
Redmine	=0.8.2
Redmine	=0.8.3
Redmine	=0.8.4
Redmine	=0.8.5
Redmine	=0.8.6
Redmine	=0.8.7
Redmine	=0.9.0
Redmine	=0.9.1
Redmine	=0.9.2
Redmine	=0.9.3
Redmine	=0.9.4
Redmine	=0.9.5
Redmine	=0.9.6
Redmine	=1.0.0
Redmine	=1.0.1
Redmine	=1.0.2
Redmine	=1.0.3
Redmine	=1.0.4
Redmine	=1.0.5
Redmine	=1.1.0
Redmine	=1.1.1
Redmine	=1.1.2
Redmine	=1.1.3
Redmine	=1.2.0
Redmine	=1.2.1
Redmine	=1.2.2
Redmine	=1.2.3
Redmine	=1.3.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-0327?
CVE-2012-0327 has a medium severity level due to its potential to allow remote attackers to perform cross-site scripting (XSS) attacks.
How do I fix CVE-2012-0327?
To fix CVE-2012-0327, upgrade Redmine to version 1.3.2 or later, which addresses the vulnerability.
Which versions of Redmine are affected by CVE-2012-0327?
CVE-2012-0327 affects all versions of Redmine prior to 1.3.2, including versions 0.1.0 through 1.3.1.
What type of vulnerability is CVE-2012-0327?
CVE-2012-0327 is a cross-site scripting (XSS) vulnerability that allows for the injection of arbitrary web scripts or HTML.
Can CVE-2012-0327 impact user data?
Yes, if exploited, CVE-2012-0327 can potentially compromise user data by allowing attackers to execute malicious scripts in the context of the user's session.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
agent/weakness
vendor/redmine
canonical/redmine
version/redmine/1.3.1
version/redmine/0.1.0
version/redmine/0.2.1
version/redmine/0.2.2
version/redmine/0.3.0
version/redmine/0.4.0
version/redmine/0.4.1
version/redmine/0.4.2
version/redmine/0.5.0
version/redmine/0.5.1
version/redmine/0.6.0
version/redmine/0.6.1
version/redmine/0.6.2
version/redmine/0.6.3
version/redmine/0.6.4
version/redmine/0.7.0
version/redmine/0.7.0-rc1
version/redmine/0.7.1
version/redmine/0.7.2
version/redmine/0.7.3
version/redmine/0.7.4
version/redmine/0.8.0
version/redmine/0.8.0-rc1
version/redmine/0.8.1
version/redmine/0.8.2
version/redmine/0.8.3
version/redmine/0.8.4
version/redmine/0.8.5
version/redmine/0.8.6
version/redmine/0.8.7
version/redmine/0.9.0
version/redmine/0.9.1
version/redmine/0.9.2
version/redmine/0.9.3
version/redmine/0.9.4
version/redmine/0.9.5
version/redmine/0.9.6
version/redmine/1.0.0
version/redmine/1.0.1
version/redmine/1.0.2
version/redmine/1.0.3
version/redmine/1.0.4
version/redmine/1.0.5
version/redmine/1.1.0
version/redmine/1.1.1
version/redmine/1.1.2
version/redmine/1.1.3
version/redmine/1.2.0
version/redmine/1.2.1
version/redmine/1.2.2
version/redmine/1.2.3
version/redmine/1.3.0

CVE-2012-0327: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-0327?

How do I fix CVE-2012-0327?

Which versions of Redmine are affected by CVE-2012-0327?

What type of vulnerability is CVE-2012-0327?

Can CVE-2012-0327 impact user data?

Company

Resources

Contact