CVE-2012-0976: CVE-2012-0976

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-0976

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Cross-site scripting (XSS) vulnerability in admin/EditForm in SilverStripe 2.4.6 allows remote authenticated users with Content Authors privileges to inject arbitrary web script or HTML via the Title parameter. NOTE: some of these details are obtained from third party information.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

SilverStripe ‘Title’ 参数HTML注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

SilverStripe CMS是新西兰SilverStripe公司的一套开源的编程框架和内容管理系统 (CMS)。该系统具有支持多国语言、跨平台等特点。 SilverStripe中存在HTML注入漏洞，该漏洞源于对用户提供的输入未经正确过滤。攻击者提供的HTML和脚本代码可在受影响浏览器的上下文中运行，可能允许攻击者盗取基于cookie的认证证书或者控制网站传达给用户的方式，也可能执行其他的攻击。SilverStripe 2.4.6版本存在此漏洞，其它版本也可能受到影响。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2012-0976

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-0976

Please Login to view more intelligence information

https://github.com/silverstripe/sapphire/commit/252e187x_refsource_CONFIRM
http://doc.silverstripe.org/framework/en/trunk/changelogs/2.3.13x_refsource_CONFIRM
http://packetstormsecurity.org/files/view/109210/silverstripecmspage-xss.txtx_refsource_MISC
https://github.com/silverstripe/sapphire/commit/475e077x_refsource_CONFIRM
https://github.com/silverstripe/sapphire/commit/5fe7091x_refsource_CONFIRM
http://www.securityfocus.com/bid/51761vdb-entryx_refsource_BID
http://osvdb.org/78677vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/47812third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/72820vdb-entryx_refsource_XF
http://www.openwall.com/lists/oss-security/2012/04/30/3mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2012-0976

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2012-0976

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2012-0976

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-0976

III. Intelligence Information for CVE-2012-0976

IV. Related Vulnerabilities

V. Comments for CVE-2012-0976

Leave a comment