Published: 13/08/2012 Updated: 14/08/2012

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the smarty_function_html_options_optoutput function in distribution/libs/plugins/function.html_options.php in Smarty prior to 3.1.8 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
smarty smarty
smarty smarty 3.1.0
smarty smarty 3.0.4
smarty smarty 3.0.5
smarty smarty 3.0.6
smarty smarty 3.0.0
smarty smarty 3.0.1
smarty smarty 2.6.9
smarty smarty 2.6.4
smarty smarty 2.6.13
smarty smarty 2.6.0
smarty smarty 2.0.1
smarty smarty 2.2.0
smarty smarty 2.3.1
smarty smarty 2.6.18
smarty smarty 1.5.0
smarty smarty 1.5.2
smarty smarty 1.4.4
smarty smarty 1.4.0
smarty smarty 1.3.2
smarty smarty 1.1.0
smarty smarty 3.1.5
smarty smarty 3.1.4
smarty smarty 3.1.3
smarty smarty 3.1.2
smarty smarty 3.0.7
smarty smarty 2.6.5
smarty smarty 2.6.6
smarty smarty 2.6.15
smarty smarty 2.6.16
smarty smarty 2.1.1
smarty smarty 2.4.1
smarty smarty 2.4.2
smarty smarty 2.5.0
smarty smarty 1.0a
smarty smarty 1.0
smarty smarty 1.4.2
smarty smarty 1.4.3
smarty smarty 1.2.0
smarty smarty 1.2.1
smarty smarty 3.0.3
smarty smarty 3.0.2
smarty smarty 2.6.1
smarty smarty 2.6.10
smarty smarty 2.6.17
smarty smarty 2.6.2
smarty smarty 2.6.20
smarty smarty 2.6.11
smarty smarty 2.6.12
smarty smarty 2.4.0
smarty smarty 2.6.24
smarty smarty 2.6.25
smarty smarty 2.6.26
smarty smarty 1.4.1
smarty smarty 1.2.2
smarty smarty 1.3.0
smarty smarty 3.1.6
smarty smarty 3.1.1
smarty smarty 3.1
smarty smarty 2.6.22
smarty smarty 2.6.7
smarty smarty 2.6.3
smarty smarty 2.6.14
smarty smarty 2.0.0
smarty smarty 2.1.0
smarty smarty 2.3.0
smarty smarty 1.4.6
smarty smarty 1.5.1
smarty smarty 1.4.5
smarty smarty 1.3.1
smarty smarty 1.0b

CWE-79 http://secunia.com/advisories/49164 http://code.google.com/p/smarty-php/source/detail?r=4612 http://code.google.com/p/smarty-php/issues/detail?id=98&can=1 http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt http://www.securitytracker.com/id?1027061 https://nvd.nist.gov

Get Started

CVE-2012-4277

Vulnerability Summary

References

Vulmon Search

About

Products

Connect