CVE-2012-1082: XSS
First published: Tue Feb 14 2012(Updated: )
Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| TYPO3 Terminal | <=0.3.2 | |
| TYPO3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-1082?
CVE-2012-1082 has been classified as a moderate severity vulnerabilities due to the ability of remote authenticated users to exploit the XSS flaw.
How do I fix CVE-2012-1082?
To fix CVE-2012-1082, users should upgrade to the latest version of the Terminal PHP Shell extension beyond version 0.3.2.
Who is affected by CVE-2012-1082?
CVE-2012-1082 affects installations of the Terminal PHP Shell extension version 0.3.2 and earlier on TYPO3.
What type of vulnerability is CVE-2012-1082?
CVE-2012-1082 is a cross-site scripting (XSS) vulnerability that allows the injection of arbitrary web scripts or HTML.
Can CVE-2012-1082 be exploited remotely?
Yes, CVE-2012-1082 can be exploited remotely by authenticated users through unspecified vectors.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/typo3
- canonical/typo3 terminal
- version/typo3 terminal/0.3.2
- canonical/typo3 typo3