Strix
26.1K

CVE-2012-4071

UnknownEPSS 1.16%

Last modified

CVE-2012-4071 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in the comments module in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to inject arbitrary web script or HTML via crafted BBCode markup in a comment.. EPSS estimates a 1.16% chance of exploitation in the next 30 days.

Description

Cross-site scripting (XSS) vulnerability in the comments module in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to inject arbitrary web script or HTML via crafted BBCode markup in a comment.

Metrics

EPSS Probability
1.16%

63.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
Rsgallery2Com Rsgallery2<= 2.2.1
Rsgallery2Com Rsgallery21.9.0-4Alpha
Rsgallery2Com Rsgallery21.9.4Alpha
Rsgallery2Com Rsgallery21.9.5Alpha
Rsgallery2Com Rsgallery21.10.1Alpha
Rsgallery2Com Rsgallery21.10.2Alpha
Rsgallery2Com Rsgallery21.10.5Alpha
Rsgallery2Com Rsgallery21.10.6Alpha
Rsgallery2Com Rsgallery21.10.7Alpha
Rsgallery2Com Rsgallery21.10.8Alpha
Rsgallery2Com Rsgallery21.10.9Alpha
Rsgallery2Com Rsgallery21.10.10Alpha
Rsgallery2Com Rsgallery21.10.11Alpha
Rsgallery2Com Rsgallery21.10.13Alpha
Rsgallery2Com Rsgallery21.10.14Alpha
Rsgallery2Com Rsgallery21.11.0Alpha
Rsgallery2Com Rsgallery21.11.1Alpha
Rsgallery2Com Rsgallery21.11.2Alpha
Rsgallery2Com Rsgallery21.11.3Alpha
Rsgallery2Com Rsgallery21.11.4Alpha
Rsgallery2Com Rsgallery21.11.5Alpha
Rsgallery2Com Rsgallery21.11.6Alpha
Rsgallery2Com Rsgallery21.11.7Alpha
Rsgallery2Com Rsgallery21.11.8Alpha
Rsgallery2Com Rsgallery21.11.10Alpha
Rsgallery2Com Rsgallery21.11.11Alpha
Rsgallery2Com Rsgallery21.12.0Alpha
Rsgallery2Com Rsgallery21.12.1Alpha
Rsgallery2Com Rsgallery21.12.2Alpha
Rsgallery2Com Rsgallery21.13.0Alpha
Rsgallery2Com Rsgallery21.13.1Alpha
Rsgallery2Com Rsgallery21.14.0Alpha
Rsgallery2Com Rsgallery21.14.1Alpha
Rsgallery2Com Rsgallery22.1.0Beta
Rsgallery2Com Rsgallery22.1.1
Rsgallery2Com Rsgallery22.2.0
Rsgallery2Com Rsgallery2<= 3.1.0
Rsgallery2Com Rsgallery23.0Rc1
Rsgallery2Com Rsgallery23.0.1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2012-4071?
Cross-site scripting (XSS) vulnerability in the comments module in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to inject arbitrary web script or HTML via crafted BBCode markup in a comment.
How severe is CVE-2012-4071?
Severity scoring for CVE-2012-4071 is pending analysis. The EPSS model estimates a 1.16% probability of exploitation in the next 30 days.
How do I fix CVE-2012-4071?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-4071?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST