Episerver Episerver Cms : Security vulnerabilities, CVEs

Copy

CVE-2012-1034

Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Max CVSS

4.3

EPSS Score

0.22%

Published

2012-02-08

Updated

2012-02-14

CVE-2012-1031

Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417.

Max CVSS

6.0

EPSS Score

0.34%

Published

2012-02-08

Updated

2012-02-14

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!