Search
Find a vulnerability
Search criteria
4 vulnerabilities found for episerver_cms by episerver
CVE-2012-1034 (GCVE-0-2012-1034)
Vulnerability from nvd – Published: 2012-02-08 11:00 – Updated: 2024-08-06 18:45
VLAI
EPSS
VEX
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/51877 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/47910 | third-party-advisoryx_refsource_SECUNIA |
| http://world.episerver.com/PageFiles/110367/BugList.txt | x_refsource_CONFIRM |
| http://world.episerver.com/Blogs/Shahid-Nawaz/Dat… | x_refsource_CONFIRM |
Date Public
2012-01-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:26.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51877",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://world.episerver.com/PageFiles/110367/BugList.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-02-14T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "51877",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://world.episerver.com/PageFiles/110367/BugList.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51877",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47910"
},
{
"name": "http://world.episerver.com/PageFiles/110367/BugList.txt",
"refsource": "CONFIRM",
"url": "http://world.episerver.com/PageFiles/110367/BugList.txt"
},
{
"name": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/",
"refsource": "CONFIRM",
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1034",
"datePublished": "2012-02-08T11:00:00.000Z",
"dateReserved": "2012-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:45:26.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1031 (GCVE-0-2012-1031)
Vulnerability from nvd – Published: 2012-02-08 02:00 – Updated: 2024-08-06 18:45
VLAI
EPSS
VEX
Summary
Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/51877 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/47910 | third-party-advisoryx_refsource_SECUNIA |
| http://world.episerver.com/Blogs/Jens-N/Dates/201… | x_refsource_CONFIRM |
| http://world.episerver.com/Blogs/Shahid-Nawaz/Dat… | x_refsource_CONFIRM |
Date Public
2012-01-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:26.742Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51877",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://world.episerver.com/Blogs/Jens-N/Dates/2012/1/Security-vulnerability---Elevation-of-privilege/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-02-14T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "51877",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://world.episerver.com/Blogs/Jens-N/Dates/2012/1/Security-vulnerability---Elevation-of-privilege/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51877",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47910"
},
{
"name": "http://world.episerver.com/Blogs/Jens-N/Dates/2012/1/Security-vulnerability---Elevation-of-privilege/",
"refsource": "CONFIRM",
"url": "http://world.episerver.com/Blogs/Jens-N/Dates/2012/1/Security-vulnerability---Elevation-of-privilege/"
},
{
"name": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/",
"refsource": "CONFIRM",
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1031",
"datePublished": "2012-02-08T02:00:00.000Z",
"dateReserved": "2012-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:45:26.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1034 (GCVE-0-2012-1034)
Vulnerability from cvelistv5 – Published: 2012-02-08 11:00 – Updated: 2024-08-06 18:45
VLAI
EPSS
VEX
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/51877 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/47910 | third-party-advisoryx_refsource_SECUNIA |
| http://world.episerver.com/PageFiles/110367/BugList.txt | x_refsource_CONFIRM |
| http://world.episerver.com/Blogs/Shahid-Nawaz/Dat… | x_refsource_CONFIRM |
Date Public
2012-01-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:26.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51877",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://world.episerver.com/PageFiles/110367/BugList.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-02-14T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "51877",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://world.episerver.com/PageFiles/110367/BugList.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51877",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47910"
},
{
"name": "http://world.episerver.com/PageFiles/110367/BugList.txt",
"refsource": "CONFIRM",
"url": "http://world.episerver.com/PageFiles/110367/BugList.txt"
},
{
"name": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/",
"refsource": "CONFIRM",
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1034",
"datePublished": "2012-02-08T11:00:00.000Z",
"dateReserved": "2012-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:45:26.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1031 (GCVE-0-2012-1031)
Vulnerability from cvelistv5 – Published: 2012-02-08 02:00 – Updated: 2024-08-06 18:45
VLAI
EPSS
VEX
Summary
Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/51877 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/47910 | third-party-advisoryx_refsource_SECUNIA |
| http://world.episerver.com/Blogs/Jens-N/Dates/201… | x_refsource_CONFIRM |
| http://world.episerver.com/Blogs/Shahid-Nawaz/Dat… | x_refsource_CONFIRM |
Date Public
2012-01-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:26.742Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51877",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://world.episerver.com/Blogs/Jens-N/Dates/2012/1/Security-vulnerability---Elevation-of-privilege/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-02-14T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "51877",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://world.episerver.com/Blogs/Jens-N/Dates/2012/1/Security-vulnerability---Elevation-of-privilege/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51877",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51877"
},
{
"name": "47910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47910"
},
{
"name": "http://world.episerver.com/Blogs/Jens-N/Dates/2012/1/Security-vulnerability---Elevation-of-privilege/",
"refsource": "CONFIRM",
"url": "http://world.episerver.com/Blogs/Jens-N/Dates/2012/1/Security-vulnerability---Elevation-of-privilege/"
},
{
"name": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/",
"refsource": "CONFIRM",
"url": "http://world.episerver.com/Blogs/Shahid-Nawaz/Dates/2012/1/General-Hotfix-CMS-6-R2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1031",
"datePublished": "2012-02-08T02:00:00.000Z",
"dateReserved": "2012-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:45:26.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}