CVE-2012-1262

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.
Cross-site Scripting
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:N/I:P/A:N
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
movabletypemovable_type_open_source
𝑥
≤ 4.37
movabletypemovable_type_open_source
4.0
movabletypemovable_type_open_source
4.0
movabletypemovable_type_open_source
4.1
movabletypemovable_type_open_source
4.1
movabletypemovable_type_open_source
4.01
movabletypemovable_type_open_source
4.2
movabletypemovable_type_open_source
4.2
movabletypemovable_type_open_source
4.3
movabletypemovable_type_open_source
4.23
movabletypemovable_type_open_source
4.25
movabletypemovable_type_open_source
4.26
movabletypemovable_type_open_source
4.31
movabletypemovable_type_open_source
4.32
movabletypemovable_type_open_source
4.33
movabletypemovable_type_open_source
4.34
movabletypemovable_type_open_source
4.35
movabletypemovable_type_open_source
4.36
movabletypemovable_type_open_source
4.261
movabletypemovable_type_open_source
4.361
movabletypemovable_type_open_source
5.1
movabletypemovable_type_open_source
5.02
movabletypemovable_type_open_source
5.03
movabletypemovable_type_open_source
5.04
movabletypemovable_type_open_source
5.05
movabletypemovable_type_open_source
5.06
movabletypemovable_type_open_source
5.11
movabletypemovable_type_open_source
5.12
movabletypemovable_type_open_source
5.031
movabletypemovable_type_open_source
5.051
movabletypemovable_type_enterprise
𝑥
≤ 4.37
movabletypemovable_type_enterprise
4.0
movabletypemovable_type_enterprise
4.0
movabletypemovable_type_enterprise
4.1
movabletypemovable_type_enterprise
4.01
movabletypemovable_type_enterprise
4.1
movabletypemovable_type_enterprise
4.2
movabletypemovable_type_enterprise
4.2
movabletypemovable_type_enterprise
4.3
movabletypemovable_type_enterprise
4.23
movabletypemovable_type_enterprise
4.25
movabletypemovable_type_enterprise
4.26
movabletypemovable_type_enterprise
4.31
movabletypemovable_type_enterprise
4.32
movabletypemovable_type_enterprise
4.33
movabletypemovable_type_enterprise
4.34
movabletypemovable_type_enterprise
4.35
movabletypemovable_type_enterprise
4.36
movabletypemovable_type_enterprise
4.261
movabletypemovable_type_enterprise
4.361
movabletypemovable_type_enterprise
5.1
movabletypemovable_type_enterprise
5.02
movabletypemovable_type_enterprise
5.03
movabletypemovable_type_enterprise
5.04
movabletypemovable_type_enterprise
5.05
movabletypemovable_type_enterprise
5.06
movabletypemovable_type_enterprise
5.11
movabletypemovable_type_enterprise
5.12
movabletypemovable_type_enterprise
5.031
movabletypemovable_type_enterprise
5.051
movabletypemovable_type_advanced
𝑥
≤ 4.37
movabletypemovable_type_advanced
4.0
movabletypemovable_type_advanced
4.0
movabletypemovable_type_advanced
4.1
movabletypemovable_type_advanced
4.01
movabletypemovable_type_advanced
4.1
movabletypemovable_type_advanced
4.2
movabletypemovable_type_advanced
4.2
movabletypemovable_type_advanced
4.3
movabletypemovable_type_advanced
4.23
movabletypemovable_type_advanced
4.25
movabletypemovable_type_advanced
4.26
movabletypemovable_type_advanced
4.31
movabletypemovable_type_advanced
4.32
movabletypemovable_type_advanced
4.33
movabletypemovable_type_advanced
4.34
movabletypemovable_type_advanced
4.35
movabletypemovable_type_advanced
4.36
movabletypemovable_type_advanced
4.261
movabletypemovable_type_advanced
4.361
movabletypemovable_type_advanced
5.1
movabletypemovable_type_advanced
5.02
movabletypemovable_type_advanced
5.03
movabletypemovable_type_advanced
5.04
movabletypemovable_type_advanced
5.05
movabletypemovable_type_advanced
5.06
movabletypemovable_type_advanced
5.11
movabletypemovable_type_advanced
5.12
movabletypemovable_type_advanced
5.031
movabletypemovable_type_advanced
5.051
movabletypemovable_type_pro
𝑥
≤ 4.37
movabletypemovable_type_pro
4.0
movabletypemovable_type_pro
4.0
movabletypemovable_type_pro
4.1
movabletypemovable_type_pro
4.1
movabletypemovable_type_pro
4.01
movabletypemovable_type_pro
4.2
movabletypemovable_type_pro
4.2
movabletypemovable_type_pro
4.3
movabletypemovable_type_pro
4.23
movabletypemovable_type_pro
4.25
movabletypemovable_type_pro
4.26
movabletypemovable_type_pro
4.31
movabletypemovable_type_pro
4.32
movabletypemovable_type_pro
4.33
movabletypemovable_type_pro
4.34
movabletypemovable_type_pro
4.35
movabletypemovable_type_pro
4.36
movabletypemovable_type_pro
4.261
movabletypemovable_type_pro
4.361
movabletypemovable_type_pro
5.1
movabletypemovable_type_pro
5.02
movabletypemovable_type_pro
5.03
movabletypemovable_type_pro
5.04
movabletypemovable_type_pro
5.05
movabletypemovable_type_pro
5.06
movabletypemovable_type_pro
5.11
movabletypemovable_type_pro
5.12
movabletypemovable_type_pro
5.031
movabletypemovable_type_pro
5.051
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
movabletype-opensource
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
not-affected
trusty
dne
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
ignored
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
hardy
dne