Vulnerabilites related to jesse_vincent - extension\
Vulnerability from fkie_nvd
Published
2012-08-15 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the Extension::MobileUI extension before 1.02 for Best Practical Solutions RT 3.8.x and in Best Practical Solutions RT before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jesse_vincent:extension\\:\\:mobileui:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E54DEA31-7275-4F1D-9CA7-481E85CA70C0",
"versionEndIncluding": "1.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bestpractical:rt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76775531-A79C-460A-B870-AABF7F95E374",
"versionEndIncluding": "4.0.5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C503726A-4AAB-4444-A204-7F53A6369919",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EA620414-F78C-49C2-AC29-7CCCCC15B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A12FC95C-F9A7-4E47-AC07-F680D4436156",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D6101EAE-CB0E-4AB2-BCDC-9B4354422940",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B93F59-E22F-47E0-A5EA-D5716E9EAB48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "46059518-DCCB-410A-B7FD-FAF5F9DF9498",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CB1FAAF6-4403-4A45-B0D8-F9E4752C0CBD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A6E90C9D-CCEF-47CE-BED1-16BF37927998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "13410E37-9A6A-4A33-BB97-6B4D96AA11FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "02949074-A703-4F6E-BBA7-B79021A1377E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF01543-2929-4ADA-BD74-ABE00BF066BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9C440174-183B-423B-8E85-37E78EB43A91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4CED5D54-C62B-4543-9C36-D76489EA3CED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "562E9782-259B-42C6-BC3E-C452799A78FD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B9A9DF7-8700-4CD4-9DAA-5368066F17A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AC116B6E-F6A7-4885-B592-635EE06B6E05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D2E2C8-15E8-45E4-9DBF-6CF2BEB30576",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9635AFA4-24E6-4893-8B4B-57FE811A758D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9E4D117A-92C0-4884-A3E6-F6FCC8B89458",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AED14B5B-A9DE-46A4-8996-F6DC75B5DCD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D237F862-E8D5-4D82-9CDC-A8A84D2DE665",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "84FB5217-7650-4BB2-A0AB-BAB6A362CFD4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B306ECCE-8095-48E7-A523-05F6B2AF686E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BF6295-E0EF-44B8-A694-348EF39371BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B6FBA787-90EE-4148-804C-F4F6021D5177",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9035493E-C9BA-4DDE-914A-E14CB072E745",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "19E636D2-525B-4B27-A9E1-16BC0088C8AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "546F1582-B85F-4D4F-840C-6257F1DE05E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F9040C7B-9080-4B57-885D-9275B9623E46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7B927C5E-EAC2-4032-905A-BBCE66693958",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D8DB6F17-FF2F-4DCA-A8D1-C3E0D42ACCAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "32BE1C0B-D379-4A51-8188-B660730539AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E768F1-80EA-4016-837E-9B92A3954F8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:3.8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C35364B8-6BB7-439D-9450-08FB11639E76",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F84987A7-103B-4473-9D4F-9F28880F6D9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9E220C7C-D32C-4ED1-A056-074576B7B504",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "57A903C6-3C9F-47A0-92F7-D5272B2622AC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "67EBD0AE-1A91-4690-8A07-0FB7342768FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A1217A3C-2302-4E3B-BF35-4B16271A6FF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A72E5649-26E5-47DE-9CB4-019FEC8AF13E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "51E06E3C-4504-4325-BD89-9102315858C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8A1286FE-DB7C-48B1-82A9-A23C82984A21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.0:rc8:*:*:*:*:*:*",
"matchCriteriaId": "5C89298A-DA7A-4DDD-A420-5B5BC0ABAF7E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "60F0CE6D-3DFA-4432-9615-78718C1D5583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A65F27F5-D134-4B94-BF93-CE32065B75B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D6E744-5181-4E94-8B9B-3CA83648C7A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:bestpractical:rt:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5315BD2E-AE5F-49F9-8451-0D2D64CE56B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the Extension::MobileUI extension before 1.02 for Best Practical Solutions RT 3.8.x and in Best Practical Solutions RT before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en la p\u00e1gina de administraci\u00f3n de temas en la extensi\u00f3n Extension::MobileUI anterior a v1.02 para (Best Practical Solutions RT) v3.8.x y en (Best Practical Solutions RT) anterior a v4.0.6."
}
],
"id": "CVE-2012-2769",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-08-15T21:55:01.680",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2012-July/000208.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50010"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/54684"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2012-July/000208.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/54684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77211"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-2769 (GCVE-0-2012-2769)
Vulnerability from cvelistv5
Published
2012-08-15 21:00
Modified
2024-08-06 19:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the Extension::MobileUI extension before 1.02 for Best Practical Solutions RT 3.8.x and in Best Practical Solutions RT before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/54684 | vdb-entry, x_refsource_BID | |
| http://lists.bestpractical.com/pipermail/rt-announce/2012-July/000208.html | mailing-list, x_refsource_MLIST | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/77211 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/50010 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:42:32.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54684"
},
{
"name": "[rt-announce] 20120725 Security vulnerabilities in three commonly deployed RT extensions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2012-July/000208.html"
},
{
"name": "extensionmobileui-unspec-xs(77211)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77211"
},
{
"name": "50010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the Extension::MobileUI extension before 1.02 for Best Practical Solutions RT 3.8.x and in Best Practical Solutions RT before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "54684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54684"
},
{
"name": "[rt-announce] 20120725 Security vulnerabilities in three commonly deployed RT extensions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2012-July/000208.html"
},
{
"name": "extensionmobileui-unspec-xs(77211)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77211"
},
{
"name": "50010",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the Extension::MobileUI extension before 1.02 for Best Practical Solutions RT 3.8.x and in Best Practical Solutions RT before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54684"
},
{
"name": "[rt-announce] 20120725 Security vulnerabilities in three commonly deployed RT extensions",
"refsource": "MLIST",
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2012-July/000208.html"
},
{
"name": "extensionmobileui-unspec-xs(77211)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77211"
},
{
"name": "50010",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2769",
"datePublished": "2012-08-15T21:00:00",
"dateReserved": "2012-05-18T00:00:00",
"dateUpdated": "2024-08-06T19:42:32.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}