Vulnerability Details CVE-2012-4000
Cross-site scripting (XSS) vulnerability in the print_textinputs_var function in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor 2.6.7 and earlier allows remote attackers to inject arbitrary web script or HTML via textinputs array parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.042
EPSS Ranking 88.3%
CVSS Severity
CVSS v2 Score 4.3
References
- http://disse.cting.org/blog/2012/06/22/fckeditor-reflected-xss-vulnerability/
- http://secunia.com/advisories/49606
- http://www.debian.org/security/2012/dsa-2522
- http://www.securityfocus.com/bid/54188
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76604
- http://disse.cting.org/blog/2012/06/22/fckeditor-reflected-xss-vulnerability/
- http://secunia.com/advisories/49606
- http://www.debian.org/security/2012/dsa-2522
- http://www.securityfocus.com/bid/54188
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76604
Products affected by CVE-2012-4000
-
cpe:2.3:a:ckeditor:fckeditor:-
-
cpe:2.3:a:ckeditor:fckeditor:0.8
-
cpe:2.3:a:ckeditor:fckeditor:0.8.5
-
cpe:2.3:a:ckeditor:fckeditor:0.9.0
-
cpe:2.3:a:ckeditor:fckeditor:0.9.1
-
cpe:2.3:a:ckeditor:fckeditor:0.9.2
-
cpe:2.3:a:ckeditor:fckeditor:0.9.3
-
cpe:2.3:a:ckeditor:fckeditor:0.9.4
-
cpe:2.3:a:ckeditor:fckeditor:0.9.5
-
cpe:2.3:a:ckeditor:fckeditor:1.0
-
cpe:2.3:a:ckeditor:fckeditor:1.1
-
cpe:2.3:a:ckeditor:fckeditor:1.2
-
cpe:2.3:a:ckeditor:fckeditor:1.2.2
-
cpe:2.3:a:ckeditor:fckeditor:1.2.4
-
cpe:2.3:a:ckeditor:fckeditor:1.3
-
cpe:2.3:a:ckeditor:fckeditor:1.3.1
-
cpe:2.3:a:ckeditor:fckeditor:1.4
-
cpe:2.3:a:ckeditor:fckeditor:1.5
-
cpe:2.3:a:ckeditor:fckeditor:1.6
-
cpe:2.3:a:ckeditor:fckeditor:2.0
-
cpe:2.3:a:ckeditor:fckeditor:2.1
-
cpe:2.3:a:ckeditor:fckeditor:2.1.1
-
cpe:2.3:a:ckeditor:fckeditor:2.2
-
cpe:2.3:a:ckeditor:fckeditor:2.3
-
cpe:2.3:a:ckeditor:fckeditor:2.3.1
-
cpe:2.3:a:ckeditor:fckeditor:2.3.2
-
cpe:2.3:a:ckeditor:fckeditor:2.3.3
-
cpe:2.3:a:ckeditor:fckeditor:2.4
-
cpe:2.3:a:ckeditor:fckeditor:2.4.1
-
cpe:2.3:a:ckeditor:fckeditor:2.4.2
-
cpe:2.3:a:ckeditor:fckeditor:2.4.3
-
cpe:2.3:a:ckeditor:fckeditor:2.5
-
cpe:2.3:a:ckeditor:fckeditor:2.5.1
-
cpe:2.3:a:ckeditor:fckeditor:2.6
-
cpe:2.3:a:ckeditor:fckeditor:2.6.1
-
cpe:2.3:a:ckeditor:fckeditor:2.6.2
-
cpe:2.3:a:ckeditor:fckeditor:2.6.3
-
cpe:2.3:a:ckeditor:fckeditor:2.6.4
-
cpe:2.3:a:ckeditor:fckeditor:2.6.4.1
-
cpe:2.3:a:ckeditor:fckeditor:2.6.5
-
cpe:2.3:a:ckeditor:fckeditor:2.6.6
-
cpe:2.3:a:ckeditor:fckeditor:2.6.7