CVE-2012-2769: XSS

First published: Wed Aug 15 2012(Updated: )

Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the Extension::MobileUI extension before 1.02 for Best Practical Solutions RT 3.8.x and in Best Practical Solutions RT before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Jesse Vincent Extension\	<=1.01
Bestpractical Rt	<=4.0.5
Bestpractical Rt	=3.8.0
Bestpractical Rt	=3.8.0-rc1
Bestpractical Rt	=3.8.0-rc2
Bestpractical Rt	=3.8.0-rc3
Bestpractical Rt	=3.8.1
Bestpractical Rt	=3.8.1-rc1
Bestpractical Rt	=3.8.1-rc2
Bestpractical Rt	=3.8.1-rc3
Bestpractical Rt	=3.8.1-rc4
Bestpractical Rt	=3.8.1-rc5
Bestpractical Rt	=3.8.2
Bestpractical Rt	=3.8.2-rc1
Bestpractical Rt	=3.8.2-rc2
Bestpractical Rt	=3.8.3
Bestpractical Rt	=3.8.3-rc1
Bestpractical Rt	=3.8.3-rc2
Bestpractical Rt	=3.8.4
Bestpractical Rt	=3.8.4-rc1
Bestpractical Rt	=3.8.5
Bestpractical Rt	=3.8.6
Bestpractical Rt	=3.8.6-rc1
Bestpractical Rt	=3.8.7
Bestpractical Rt	=3.8.7-rc1
Bestpractical Rt	=3.8.8
Bestpractical Rt	=3.8.8-rc2
Bestpractical Rt	=3.8.8-rc3
Bestpractical Rt	=3.8.8-rc4
Bestpractical Rt	=3.8.9
Bestpractical Rt	=3.8.9-rc1
Bestpractical Rt	=3.8.9-rc2
Bestpractical Rt	=3.8.9-rc3
Bestpractical Rt	=3.8.10
Bestpractical Rt	=3.8.11
Bestpractical Rt	=3.8.12
Bestpractical Rt	=4.0.0
Bestpractical Rt	=4.0.0-rc1
Bestpractical Rt	=4.0.0-rc2
Bestpractical Rt	=4.0.0-rc3
Bestpractical Rt	=4.0.0-rc4
Bestpractical Rt	=4.0.0-rc5
Bestpractical Rt	=4.0.0-rc6
Bestpractical Rt	=4.0.0-rc7
Bestpractical Rt	=4.0.0-rc8
Bestpractical Rt	=4.0.1
Bestpractical Rt	=4.0.2
Bestpractical Rt	=4.0.3
Bestpractical Rt	=4.0.4

Never miss a vulnerability like this again

Reference Links

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/remedy
agent/severity
agent/softwarecombine
agent/tags
agent/type
agent/weakness
collector/nvd-index
vendor/jesse vincent
canonical/jesse vincent extension\
version/jesse vincent extension\/1.01
vendor/bestpractical
canonical/bestpractical rt
version/bestpractical rt/4.0.5
version/bestpractical rt/3.8.0
version/bestpractical rt/3.8.0-rc1
version/bestpractical rt/3.8.0-rc2
version/bestpractical rt/3.8.0-rc3
version/bestpractical rt/3.8.1
version/bestpractical rt/3.8.1-rc1
version/bestpractical rt/3.8.1-rc2
version/bestpractical rt/3.8.1-rc3
version/bestpractical rt/3.8.1-rc4
version/bestpractical rt/3.8.1-rc5
version/bestpractical rt/3.8.2
version/bestpractical rt/3.8.2-rc1
version/bestpractical rt/3.8.2-rc2
version/bestpractical rt/3.8.3
version/bestpractical rt/3.8.3-rc1
version/bestpractical rt/3.8.3-rc2
version/bestpractical rt/3.8.4
version/bestpractical rt/3.8.4-rc1
version/bestpractical rt/3.8.5
version/bestpractical rt/3.8.6
version/bestpractical rt/3.8.6-rc1
version/bestpractical rt/3.8.7
version/bestpractical rt/3.8.7-rc1
version/bestpractical rt/3.8.8
version/bestpractical rt/3.8.8-rc2
version/bestpractical rt/3.8.8-rc3
version/bestpractical rt/3.8.8-rc4
version/bestpractical rt/3.8.9
version/bestpractical rt/3.8.9-rc1
version/bestpractical rt/3.8.9-rc2
version/bestpractical rt/3.8.9-rc3
version/bestpractical rt/3.8.10
version/bestpractical rt/3.8.11
version/bestpractical rt/3.8.12
version/bestpractical rt/4.0.0
version/bestpractical rt/4.0.0-rc1
version/bestpractical rt/4.0.0-rc2
version/bestpractical rt/4.0.0-rc3
version/bestpractical rt/4.0.0-rc4
version/bestpractical rt/4.0.0-rc5
version/bestpractical rt/4.0.0-rc6
version/bestpractical rt/4.0.0-rc7
version/bestpractical rt/4.0.0-rc8
version/bestpractical rt/4.0.1
version/bestpractical rt/4.0.2
version/bestpractical rt/4.0.3
version/bestpractical rt/4.0.4

CVE-2012-2769: XSS

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact