CVE-2012-0414

{"id": "CVE-2012-0414", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-12-02T04:36:26.540", "references": [{"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5145796.html", "source": "cve@mitre.org"}, {"url": "https://bugzilla.novell.com/show_bug.cgi?id=761165", "source": "cve@mitre.org"}, {"url": "https://support.novell.com/security/cve/CVE-2012-0414.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name."}, {"lang": "es", "value": "Vulnerabilidad de XSS en el servicio Spacewalk de SUSE Manager 1.2 para SUSE Linux Enterprise (SLE) 11 SP1 permite a atacantes remotos inyectar script web o HTML arbitrario a trav\u00e9s de un nombre de imagen."}], "lastModified": "2014-03-04T18:56:39.827", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:novell:suse_manager:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D611DAF0-9F2C-4543-8E84-BBD18499350D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:novell:suse_linux:11:sp1:desktop:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26CC3F42-7BC9-4E12-A98C-9CE8CEF3140F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}