CVE-2012-4037

Multiple cross-site scripting (XSS) vulnerabilities in the web client in Transmission before 2.61 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) created by, or (3) name field in a torrent file.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:transmissionbt:transmission:*:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.1:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.2:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.3:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.4:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.5:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.6:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.70:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.71:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.72:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.80:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.81:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.82:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.90:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.91:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.92:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.93:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.94:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.95:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.96:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.00:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.01:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.02:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.2:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.03:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.04:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.05:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.06:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.10:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.11:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.20:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.21:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.22:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.30:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.31:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.32:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.33:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.34:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.40:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.41:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.42:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.50:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.51:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.52:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.53:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.54:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.60:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.61:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.70:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.71:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.72:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.73:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.74:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.75:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.76:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.77:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.80:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.81:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.82:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.83:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.90:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.91:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.92:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.93:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.00:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.01:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.02:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.03:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.04:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.10:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.11:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.12:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.13:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.20:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.21:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.22:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.30:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.31:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.32:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.33:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.40:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.41:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.42:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.50:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.51:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.52:*:*:*:*:*:*:*

History

21 Nov 2024, 01:42

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/fulldisclosure/2012-07/0349.html - Exploit () http://archives.neohapsis.com/archives/fulldisclosure/2012-07/0349.html - Exploit
References () http://secunia.com/advisories/50027 - Vendor Advisory () http://secunia.com/advisories/50027 - Vendor Advisory
References () http://secunia.com/advisories/50769 - () http://secunia.com/advisories/50769 -
References () http://www.madirish.net/541 - Exploit () http://www.madirish.net/541 - Exploit
References () http://www.securityfocus.com/bid/54705 - () http://www.securityfocus.com/bid/54705 -
References () http://www.ubuntu.com/usn/USN-1584-1 - () http://www.ubuntu.com/usn/USN-1584-1 -
References () https://trac.transmissionbt.com/ticket/4979 - Patch () https://trac.transmissionbt.com/ticket/4979 - Patch
References () https://trac.transmissionbt.com/wiki/Changes#version-2.61 - () https://trac.transmissionbt.com/wiki/Changes#version-2.61 -

Information

Published : 2012-08-15 20:55

Updated : 2024-11-21 01:42


NVD link : CVE-2012-4037

Mitre link : CVE-2012-4037

CVE.ORG link : CVE-2012-4037


JSON object : View

Products Affected

transmissionbt

  • transmission
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')