CVE-2012-1262
03.03.2012, 04:04
Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.
| Vendor | Product | Version |
|---|---|---|
| movabletype | movable_type_open_source | 𝑥 ≤ 4.37 |
| movabletype | movable_type_open_source | 4.0 |
| movabletype | movable_type_open_source | 4.0:beta |
| movabletype | movable_type_open_source | 4.1 |
| movabletype | movable_type_open_source | 4.1:beta |
| movabletype | movable_type_open_source | 4.01:beta |
| movabletype | movable_type_open_source | 4.2 |
| movabletype | movable_type_open_source | 4.2:beta |
| movabletype | movable_type_open_source | 4.3 |
| movabletype | movable_type_open_source | 4.23 |
| movabletype | movable_type_open_source | 4.25 |
| movabletype | movable_type_open_source | 4.26 |
| movabletype | movable_type_open_source | 4.31 |
| movabletype | movable_type_open_source | 4.32 |
| movabletype | movable_type_open_source | 4.33 |
| movabletype | movable_type_open_source | 4.34 |
| movabletype | movable_type_open_source | 4.35 |
| movabletype | movable_type_open_source | 4.36 |
| movabletype | movable_type_open_source | 4.261 |
| movabletype | movable_type_open_source | 4.361 |
| movabletype | movable_type_open_source | 5.1 |
| movabletype | movable_type_open_source | 5.02 |
| movabletype | movable_type_open_source | 5.03 |
| movabletype | movable_type_open_source | 5.04 |
| movabletype | movable_type_open_source | 5.05 |
| movabletype | movable_type_open_source | 5.06 |
| movabletype | movable_type_open_source | 5.11 |
| movabletype | movable_type_open_source | 5.12 |
| movabletype | movable_type_open_source | 5.031 |
| movabletype | movable_type_open_source | 5.051 |
| movabletype | movable_type_enterprise | 𝑥 ≤ 4.37 |
| movabletype | movable_type_enterprise | 4.0 |
| movabletype | movable_type_enterprise | 4.0:beta |
| movabletype | movable_type_enterprise | 4.1 |
| movabletype | movable_type_enterprise | 4.01:beta |
| movabletype | movable_type_enterprise | 4.1:beta |
| movabletype | movable_type_enterprise | 4.2 |
| movabletype | movable_type_enterprise | 4.2:beta |
| movabletype | movable_type_enterprise | 4.3 |
| movabletype | movable_type_enterprise | 4.23 |
| movabletype | movable_type_enterprise | 4.25 |
| movabletype | movable_type_enterprise | 4.26 |
| movabletype | movable_type_enterprise | 4.31 |
| movabletype | movable_type_enterprise | 4.32 |
| movabletype | movable_type_enterprise | 4.33 |
| movabletype | movable_type_enterprise | 4.34 |
| movabletype | movable_type_enterprise | 4.35 |
| movabletype | movable_type_enterprise | 4.36 |
| movabletype | movable_type_enterprise | 4.261 |
| movabletype | movable_type_enterprise | 4.361 |
| movabletype | movable_type_enterprise | 5.1 |
| movabletype | movable_type_enterprise | 5.02 |
| movabletype | movable_type_enterprise | 5.03 |
| movabletype | movable_type_enterprise | 5.04 |
| movabletype | movable_type_enterprise | 5.05 |
| movabletype | movable_type_enterprise | 5.06 |
| movabletype | movable_type_enterprise | 5.11 |
| movabletype | movable_type_enterprise | 5.12 |
| movabletype | movable_type_enterprise | 5.031 |
| movabletype | movable_type_enterprise | 5.051 |
| movabletype | movable_type_advanced | 𝑥 ≤ 4.37 |
| movabletype | movable_type_advanced | 4.0 |
| movabletype | movable_type_advanced | 4.0:beta |
| movabletype | movable_type_advanced | 4.1 |
| movabletype | movable_type_advanced | 4.01:beta |
| movabletype | movable_type_advanced | 4.1:beta |
| movabletype | movable_type_advanced | 4.2 |
| movabletype | movable_type_advanced | 4.2:beta |
| movabletype | movable_type_advanced | 4.3 |
| movabletype | movable_type_advanced | 4.23 |
| movabletype | movable_type_advanced | 4.25 |
| movabletype | movable_type_advanced | 4.26 |
| movabletype | movable_type_advanced | 4.31 |
| movabletype | movable_type_advanced | 4.32 |
| movabletype | movable_type_advanced | 4.33 |
| movabletype | movable_type_advanced | 4.34 |
| movabletype | movable_type_advanced | 4.35 |
| movabletype | movable_type_advanced | 4.36 |
| movabletype | movable_type_advanced | 4.261 |
| movabletype | movable_type_advanced | 4.361 |
| movabletype | movable_type_advanced | 5.1 |
| movabletype | movable_type_advanced | 5.02 |
| movabletype | movable_type_advanced | 5.03 |
| movabletype | movable_type_advanced | 5.04 |
| movabletype | movable_type_advanced | 5.05 |
| movabletype | movable_type_advanced | 5.06 |
| movabletype | movable_type_advanced | 5.11 |
| movabletype | movable_type_advanced | 5.12 |
| movabletype | movable_type_advanced | 5.031 |
| movabletype | movable_type_advanced | 5.051 |
| movabletype | movable_type_pro | 𝑥 ≤ 4.37 |
| movabletype | movable_type_pro | 4.0 |
| movabletype | movable_type_pro | 4.0:beta |
| movabletype | movable_type_pro | 4.1 |
| movabletype | movable_type_pro | 4.1:beta |
| movabletype | movable_type_pro | 4.01:beta |
| movabletype | movable_type_pro | 4.2 |
| movabletype | movable_type_pro | 4.2:beta |
| movabletype | movable_type_pro | 4.3 |
| movabletype | movable_type_pro | 4.23 |
| movabletype | movable_type_pro | 4.25 |
| movabletype | movable_type_pro | 4.26 |
| movabletype | movable_type_pro | 4.31 |
| movabletype | movable_type_pro | 4.32 |
| movabletype | movable_type_pro | 4.33 |
| movabletype | movable_type_pro | 4.34 |
| movabletype | movable_type_pro | 4.35 |
| movabletype | movable_type_pro | 4.36 |
| movabletype | movable_type_pro | 4.261 |
| movabletype | movable_type_pro | 4.361 |
| movabletype | movable_type_pro | 5.1 |
| movabletype | movable_type_pro | 5.02 |
| movabletype | movable_type_pro | 5.03 |
| movabletype | movable_type_pro | 5.04 |
| movabletype | movable_type_pro | 5.05 |
| movabletype | movable_type_pro | 5.06 |
| movabletype | movable_type_pro | 5.11 |
| movabletype | movable_type_pro | 5.12 |
| movabletype | movable_type_pro | 5.031 |
| movabletype | movable_type_pro | 5.051 |
𝑥
= Vulnerable software versions
Ubuntu Releases
References