CVE-2012-1293

Publication date 25 September 2012

Last updated 24 July 2024


Ubuntu priority

Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams’ Fast File EXchange (F*EX, aka fex) before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the (1) to or (2) from parameters.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
fex 11.10 oneiric
Not affected
11.04 natty
Fixed 20100208+debian1-1+squeeze1build0.11.04.1
10.10 maverick
Fixed 20100208+debian1-1+squeeze1build0.10.10.1
10.04 LTS lucid
Fixed 20091210+debian0-2ubuntu0.1
8.04 LTS hardy Not in release

Notes


jdstrand

F*EX <= 20100208 only