CVE-2012-1114

Published: Dec 5, 2019Modified: Nov 21, 2024

6.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.7

Source: NVD

Description

A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.

Affected (6)

Products: Ldap Account Manager: Ldap Account Manager · Debian: Debian Linux · Fedoraproject: Fedora

Ldap Account Manager

1 product

Ldap Account Manager

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ldap Account Manager Ldap Account Manager	Version 3.6

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0
Fedoraproject Fedora	Version 16
Fedoraproject Fedora	Version 17
Fedoraproject Fedora	Version 18

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (20)

http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089297.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089313.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089328.html

Source: secalert@redhat.com

Third Party Advisory

http://www.openwall.com/lists/oss-security/2012/03/05/24

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2012/03/12/1

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2012/03/12/10

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/52255

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1114

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/73971

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://security-tracker.debian.org/tracker/CVE-2012-1114

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089297.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089313.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089328.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.openwall.com/lists/oss-security/2012/03/05/24

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2012/03/12/1

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2012/03/12/10

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/52255

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1114

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/73971

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://security-tracker.debian.org/tracker/CVE-2012-1114

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.