CVE-2012-2112
Published 2012-08-27
CVE-2012-2112: Cross-site scripting (XSS) vulnerability in the Exception Handler in TYPO3 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7 allows remote…
Priority P418 · medium · 4.3 · CVSS 2.0
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS: 1.39% (68.8th percentile)
Cross-site scripting (XSS) vulnerability in the Exception Handler in TYPO3 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7 allows remote attackers to inject arbitrary web script or HTML via exception messages.
Affected
42 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| typo3 | cms | >= 4.4 < 4.4.15 | 4.4.15 |
| typo3 | cms | >= 4.5 < 4.5.15 | 4.5.15 |
| typo3 | cms | >= 4.6 < 4.6.8 | 4.6.8 |
| typo3 | typo3 | — | — |
GHSA
Typo3 Exception Handler XSS
ghsa·2022-05-17
CVE-2012-2112 [MEDIUM] CWE-79 Typo3 Exception Handler XSS
OSV
Typo3 Exception Handler XSS
osv·2022-05-17
CVE-2012-2112 [MEDIUM] Typo3 Exception Handler XSS
Citrix
Citrix Workspace App for Linux Security Update
vendor_citrix·CVSS 7.8
CVE-2022-21825 [HIGH] CWE-284 Citrix Workspace App for Linux Security Update
Vulnerability Type / Pre-conditions
CVE-2022-21825: Local privilege Escalation. CWE-284: Improper Access Control. Pre-conditions: Local user access to a system where Citrix Workspace App for Linux has been installed with App Protection.
This vulnerability only affects Citrix Workspace app for Linux 2012 - 2111 and only exists if App Protection was installed as part of Citrix Workspace app for Linux. This vulnerability does not exist if App Protection is not installed. Citrix Workspace app for other platforms is not affected by this issue.
Instructions
This issue has been addressed in the following versions of Citrix Workspace app for Linux: Citrix Workspace App for Linux 2112 and later versions
Citrix strongly recommends that affected customers upgrade to a
CVE
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.typo3.org/pipermail/typo3-announce/2012/000241.html
http://lists.typo3.org/pipermail/typo3-announce/2012/000242.html
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/
http://www.debian.org/security/2012/dsa-2455
http://www.openwall.com/lists/oss-security/2012/04/17/5
http://www.openwall.com/lists/oss-security/2012/04/18/1
http://www.securityfocus.com/bid/53047
https://exchange.xforce.ibmcloud.com/vulnerabilities/74920
2012-08-27
Published