Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6
CVSSv2

CVE-2012-1826

Published: 08/06/2012 Updated: 27/11/2012
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
VMScore: 534
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Subscribe to Dotcms

Vulnerability Summary

dotCMS 1.9 prior to 1.9.5.1 allows remote authenticated users to execute arbitrary Java code via a crafted (1) XSLT or (2) Velocity template.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dotcms dotcms 1.9.2.1

dotcms dotcms 1.9

References

CWE-264https://github.com/dotCMS/dotCMS/issues/261http://www.kb.cert.org/vuls/id/898083https://github.com/dotCMS/dotCMS/issues/281https://gist.github.com/2627440http://dotcms.com/dotCMSVersions/http://secunia.com/advisories/49276http://www.securityfocus.com/bid/53688http://osvdb.org/82240https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/898083
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook