What is the severity of CVE-2012-1036?

CVE-2012-1036 has a medium severity rating, allowing attackers to execute arbitrary scripting code in a victim's browser.

How do I fix CVE-2012-1036?

To fix CVE-2012-1036, upgrade DotNetNuke to version 5.6.4 or later, or 6.1.0 or later.

Which software versions are affected by CVE-2012-1036?

CVE-2012-1036 affects DotNetNuke versions prior to 5.6.4 and 6.x versions before 6.1.0.

What kind of attacks can exploit CVE-2012-1036?

CVE-2012-1036 can be exploited for cross-site scripting (XSS) attacks, allowing injection of malicious scripts.

Are there any known exploits for CVE-2012-1036?

Yes, there are known exploits for CVE-2012-1036 that target vulnerable installations of DotNetNuke.

Vulnerability/
CVE-2012-1036

medium

4.3

CWE

11/4/2012

16/9/2024

CVE-2012-1036: XSS

First published: Wed Apr 11 2012(Updated: )

Cross-site scripting (XSS) vulnerability in the telerik HTML editor in DotNetNuke before 5.6.4 and 6.x before 6.1.0 allows remote attackers to inject arbitrary web script or HTML via a message.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
DNN (DotNetNuke)	<=5.6.3
DNN (DotNetNuke)	=4.9.0
DNN (DotNetNuke)	=4.9.1
DNN (DotNetNuke)	=4.9.2
DNN (DotNetNuke)	=4.9.3
DNN (DotNetNuke)	=4.9.4
DNN (DotNetNuke)	=4.9.5
DNN (DotNetNuke)	=5.0.0
DNN (DotNetNuke)	=5.0.1
DNN (DotNetNuke)	=5.1.0
DNN (DotNetNuke)	=5.1.1
DNN (DotNetNuke)	=5.1.2
DNN (DotNetNuke)	=5.1.3
DNN (DotNetNuke)	=5.1.4
DNN (DotNetNuke)	=5.2.0
DNN (DotNetNuke)	=5.2.1
DNN (DotNetNuke)	=5.2.2
DNN (DotNetNuke)	=5.2.3
DNN (DotNetNuke)	=5.3.0
DNN (DotNetNuke)	=5.3.1
DNN (DotNetNuke)	=5.4.0
DNN (DotNetNuke)	=5.4.1
DNN (DotNetNuke)	=5.4.2
DNN (DotNetNuke)	=5.4.3
DNN (DotNetNuke)	=5.4.4
DNN (DotNetNuke)	=5.5.0
DNN (DotNetNuke)	=5.5.1
DNN (DotNetNuke)	=5.6.0
DNN (DotNetNuke)	=5.6.1
DNN (DotNetNuke)	=5.6.2
DNN (DotNetNuke)	=6.0.0
DNN (DotNetNuke)	=6.0.1
DNN (DotNetNuke)	=6.0.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-1036?
CVE-2012-1036 has a medium severity rating, allowing attackers to execute arbitrary scripting code in a victim's browser.
How do I fix CVE-2012-1036?
To fix CVE-2012-1036, upgrade DotNetNuke to version 5.6.4 or later, or 6.1.0 or later.
Which software versions are affected by CVE-2012-1036?
CVE-2012-1036 affects DotNetNuke versions prior to 5.6.4 and 6.x versions before 6.1.0.
What kind of attacks can exploit CVE-2012-1036?
CVE-2012-1036 can be exploited for cross-site scripting (XSS) attacks, allowing injection of malicious scripts.
Are there any known exploits for CVE-2012-1036?
Yes, there are known exploits for CVE-2012-1036 that target vulnerable installations of DotNetNuke.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/description
agent/author
agent/first-publish-date
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/dotnetnuke
canonical/dnn (dotnetnuke)
version/dnn (dotnetnuke)/5.6.3
version/dnn (dotnetnuke)/4.9.0
version/dnn (dotnetnuke)/4.9.1
version/dnn (dotnetnuke)/4.9.2
version/dnn (dotnetnuke)/4.9.3
version/dnn (dotnetnuke)/4.9.4
version/dnn (dotnetnuke)/4.9.5
version/dnn (dotnetnuke)/5.0.0
version/dnn (dotnetnuke)/5.0.1
version/dnn (dotnetnuke)/5.1.0
version/dnn (dotnetnuke)/5.1.1
version/dnn (dotnetnuke)/5.1.2
version/dnn (dotnetnuke)/5.1.3
version/dnn (dotnetnuke)/5.1.4
version/dnn (dotnetnuke)/5.2.0
version/dnn (dotnetnuke)/5.2.1
version/dnn (dotnetnuke)/5.2.2
version/dnn (dotnetnuke)/5.2.3
version/dnn (dotnetnuke)/5.3.0
version/dnn (dotnetnuke)/5.3.1
version/dnn (dotnetnuke)/5.4.0
version/dnn (dotnetnuke)/5.4.1
version/dnn (dotnetnuke)/5.4.2
version/dnn (dotnetnuke)/5.4.3
version/dnn (dotnetnuke)/5.4.4
version/dnn (dotnetnuke)/5.5.0
version/dnn (dotnetnuke)/5.5.1
version/dnn (dotnetnuke)/5.6.0
version/dnn (dotnetnuke)/5.6.1
version/dnn (dotnetnuke)/5.6.2
version/dnn (dotnetnuke)/6.0.0
version/dnn (dotnetnuke)/6.0.1
version/dnn (dotnetnuke)/6.0.2