CVE-2012-1301

EPSS 3.16%
Veröffentlicht 13.04.2017 17:59:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Umbraco ≫ Umbraco Cms Version4.7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.16%	0.857

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/archive/1/522218

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/52912

Third Party Advisory

VDB Entry

https://www.trustmatta.com/advisories/MATTA-2012-001.txt

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2012-1301

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-1301

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-1301

EUVD