CVE-2012-1066
Priority
Medium
Description
Cross-site scripting (XSS) vulnerability in the template module in
SmartyCMS 0.9.4 allows remote attackers to inject arbitrary web script or
HTML via the title bar.
SmartyCMS 0.9.4 allows remote attackers to inject arbitrary web script or
HTML via the title bar.
Notes
sbeattie> needs triage to discover whether it only affects smartyCMS or
the smarty template engine that smartyCMS is based on.
the smarty template engine that smartyCMS is based on.
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected (uses system smarty) |
| Ubuntu 11.10 (Oneiric Ocelot): | not-affected (uses system smarty) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (uses system smarty) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (uses system smarty) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (uses system smarty) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (uses system smarty) |
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected (uses system smarty) |
| Ubuntu 11.10 (Oneiric Ocelot): | not-affected (uses system smarty) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (uses system smarty) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (uses system smarty) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (uses system smarty) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (uses system smarty) |
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needs-triage |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | needs-triage |
| Ubuntu 12.10 (Quantal Quetzal): | needs-triage |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |