Search criteria
9 vulnerabilities found for zeroclipboard by zeroclipboard_project
FKIE_CVE-2014-1869
Vulnerability from fkie_nvd - Published: 2014-02-08 00:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | openshift | * | |
| zeroclipboard_project | zeroclipboard | * | |
| zeroclipboard_project | zeroclipboard | 1.0.5 | |
| zeroclipboard_project | zeroclipboard | 1.0.7 | |
| zeroclipboard_project | zeroclipboard | 1.0.8 | |
| zeroclipboard_project | zeroclipboard | 1.1.0 | |
| zeroclipboard_project | zeroclipboard | 1.1.1 | |
| zeroclipboard_project | zeroclipboard | 1.1.2 | |
| zeroclipboard_project | zeroclipboard | 1.1.3 | |
| zeroclipboard_project | zeroclipboard | 1.1.4 | |
| zeroclipboard_project | zeroclipboard | 1.1.5 | |
| zeroclipboard_project | zeroclipboard | 1.1.6 | |
| zeroclipboard_project | zeroclipboard | 1.1.7 | |
| zeroclipboard_project | zeroclipboard | 1.2.0 | |
| zeroclipboard_project | zeroclipboard | 1.2.1 | |
| zeroclipboard_project | zeroclipboard | 1.2.2 | |
| zeroclipboard_project | zeroclipboard | 1.2.3 | |
| zeroclipboard_project | zeroclipboard | 1.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "0A492A49-052F-4CD5-AE7E-AF8A6B3E1B2D",
"versionEndIncluding": "3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C95E20C-E8E5-4177-B6CC-C7AAB9874B3F",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A25DABC8-9172-45BA-929A-09787D8C83B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3D277410-4FC8-4A41-AA03-264545655F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1186EF88-A330-4053-A373-8246126769D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CDB3F9E-9B3C-4A59-A7F5-9009502953E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "08278232-6FB5-4C56-95E7-5EA381D838BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "32D2DCB7-7D13-4E62-B0B4-133196CE887B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5EA9387-77FF-4764-9E3E-80132C6F93F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA98F4C-7E6E-470F-B1AE-9FBA1FB3FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7307B1-1C05-4644-8CEC-4256E08D3513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A05848DC-A88C-4287-90A3-2ADE07A94D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "51F0A114-122D-4ECA-B70E-CF9D04E6B215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B5C2BE-AC6A-4793-881C-5EDD290B3762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE8972F-6679-4735-83FD-2F4A0770C9AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "771CCAFF-D346-4276-BA20-6D5F2311356A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7C02A2-2591-4DA0-8373-595379E77C06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A68C7E5F-A832-41F4-B9D4-F9B09524ABD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters)."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en ZeroClipboard.swf en ZeroClipboard anterior a 1.3.2, mantenido por Jon Rohan y James M. Greene, permiten a atacantes remotos inyectar script Web o HTML arbitrarios a trav\u00e9s de vectores relacionados con ciertos par\u00e1metros de consulta SWF (tambi\u00e9n conocido como loaderInfo.parameters)."
}
],
"id": "CVE-2014-1869",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-02-08T00:55:06.207",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/56821"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/65484"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91085"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/zeroclipboard/zeroclipboard/pull/335"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2"
},
{
"source": "cve@mitre.org",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/65484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/zeroclipboard/zeroclipboard/pull/335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-1808
Vulnerability from fkie_nvd - Published: 2013-04-02 03:23 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is might be the same vulnerability as CVE-2013-1463. If so, it is likely that CVE-2013-1463 will be REJECTed.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zeroclipboard_project | zeroclipboard | * | |
| zeroclipboard_project | zeroclipboard | 1.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0284A7C-86A6-4613-92AA-252D73C6143C",
"versionEndIncluding": "1.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A25DABC8-9172-45BA-929A-09787D8C83B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is might be the same vulnerability as CVE-2013-1463. If so, it is likely that CVE-2013-1463 will be REJECTed."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-site scripting (XSS) en los archivos ZeroClipboard.swf y ZeroClipboard10.swf en ZeroClipboard anterior a versi\u00f3n 1.0.8, tal como es usado en em-shorty, RepRapCalculator, Fulcrum, Django, aCMS y otros productos, permite a atacantes remotos inyectar script web HTML arbitrario por medio del par\u00e1metro id. NOTA: esta es la misma vulnerabilidad que CVE-2013-1463. Si es as\u00ed, es probable que CVE-2013-1463 ser\u00e1 RECHAZADO."
}
],
"id": "CVE-2013-1808",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-02T03:23:26.280",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2013/Apr/87"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2013/Apr/88"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2013/Feb/109"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2013/Mar/5"
},
{
"source": "secalert@redhat.com",
"url": "http://securityvulns.ru/docs29103.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://securityvulns.ru/docs29104.html"
},
{
"source": "secalert@redhat.com",
"url": "http://securityvulns.ru/docs29105.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/03/03/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/10/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/03/25/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/8"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/58257"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-108"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/jonrohan/ZeroClipboard/commit/a0e02933f5f7ce5f364fbad36a005f0a349f0696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2013/Apr/87"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2013/Apr/88"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2013/Feb/109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2013/Mar/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityvulns.ru/docs29103.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityvulns.ru/docs29104.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityvulns.ru/docs29105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/03/03/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/10/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/03/25/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/58257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/jonrohan/ZeroClipboard/commit/a0e02933f5f7ce5f364fbad36a005f0a349f0696"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-6550
Vulnerability from fkie_nvd - Published: 2013-04-02 03:22 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via "the clipText returned from the flash object," a different vulnerability than CVE-2013-1808.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zeroclipboard_project | zeroclipboard | * | |
| zeroclipboard_project | zeroclipboard | 1.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0284A7C-86A6-4613-92AA-252D73C6143C",
"versionEndIncluding": "1.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A25DABC8-9172-45BA-929A-09787D8C83B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via \"the clipText returned from the flash object,\" a different vulnerability than CVE-2013-1808."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-site scripting (XSS) en ZeroClipboard anterior a versi\u00f3n 1.1.4, permite a los atacantes remotos inyectar script web o HTML arbitrario por medio de \"the clipText returned from the flash object,\" una vulnerabilidad diferente de CVE-2013-1808."
}
],
"id": "CVE-2012-6550",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-04-02T03:22:13.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-114"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/jonrohan/ZeroClipboard/commit/51b67b6d696f62aaf003210c08542588222c4913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/jonrohan/ZeroClipboard/commit/51b67b6d696f62aaf003210c08542588222c4913"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-1869 (GCVE-0-2014-1869)
Vulnerability from cvelistv5 – Published: 2014-02-08 00:00 – Updated: 2024-08-06 09:58
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/pull/335"
},
{
"name": "zeroclipboard-cve20141869-xss(91085)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91085"
},
{
"name": "56821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56821"
},
{
"name": "65484",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65484"
},
{
"name": "RHSA-2016:0070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/pull/335"
},
{
"name": "zeroclipboard-cve20141869-xss(91085)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91085"
},
{
"name": "56821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56821"
},
{
"name": "65484",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65484"
},
{
"name": "RHSA-2016:0070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1869",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zeroclipboard/zeroclipboard/pull/335",
"refsource": "CONFIRM",
"url": "https://github.com/zeroclipboard/zeroclipboard/pull/335"
},
{
"name": "zeroclipboard-cve20141869-xss(91085)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91085"
},
{
"name": "56821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56821"
},
{
"name": "65484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65484"
},
{
"name": "RHSA-2016:0070",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01"
},
{
"name": "https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2",
"refsource": "CONFIRM",
"url": "https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2"
},
{
"name": "https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca",
"refsource": "MISC",
"url": "https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1869",
"datePublished": "2014-02-08T00:00:00",
"dateReserved": "2014-02-06T00:00:00",
"dateUpdated": "2024-08-06T09:58:15.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1808 (GCVE-0-2013-1808)
Vulnerability from cvelistv5 – Published: 2013-03-28 17:00 – Updated: 2024-08-06 15:13
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is might be the same vulnerability as CVE-2013-1463. If so, it is likely that CVE-2013-1463 will be REJECTed.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:13:32.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/jonrohan/ZeroClipboard/commit/a0e02933f5f7ce5f364fbad36a005f0a349f0696"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb"
},
{
"name": "[oss-security] 20130326 Re: WordPress plugins vulnerable to CVE-2013-1808",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/8"
},
{
"name": "20130218 XSS vulnerabilities in ZeroClipboard",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"name": "20130220 XSS vulnerabilities in YAML, Multiproject for Trac, UserCollections for Piwigo, TAO and TableTools for DataTables for jQuery",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/109"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityvulns.ru/docs29105.html"
},
{
"name": "[oss-security] 20130302 Re: [Full-disclosure] XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS - ZeroClipboard.swf",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/03/3"
},
{
"name": "20130301 XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Mar/5"
},
{
"name": "20130418 XSS vulnerabilities in ZeroClipboard in multiple plugins for WordPress",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/87"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityvulns.ru/docs29103.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityvulns.ru/docs29104.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-108"
},
{
"name": "[oss-security] 20130310 WordPress plugins vulnerable to CVE-2013-1808",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/10/2"
},
{
"name": "20130409 XSS and FPD vulnerabilities in ZeroClipboard in multiple themes for WordPress",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/88"
},
{
"name": "[oss-security] 20130324 XSS vulnerabilities in ZeroClipboard and multiple web applications",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/25/1"
},
{
"name": "58257",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58257"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is might be the same vulnerability as CVE-2013-1463. If so, it is likely that CVE-2013-1463 will be REJECTed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-10T13:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jonrohan/ZeroClipboard/commit/a0e02933f5f7ce5f364fbad36a005f0a349f0696"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb"
},
{
"name": "[oss-security] 20130326 Re: WordPress plugins vulnerable to CVE-2013-1808",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/8"
},
{
"name": "20130218 XSS vulnerabilities in ZeroClipboard",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"name": "20130220 XSS vulnerabilities in YAML, Multiproject for Trac, UserCollections for Piwigo, TAO and TableTools for DataTables for jQuery",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/109"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityvulns.ru/docs29105.html"
},
{
"name": "[oss-security] 20130302 Re: [Full-disclosure] XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS - ZeroClipboard.swf",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/03/3"
},
{
"name": "20130301 XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Mar/5"
},
{
"name": "20130418 XSS vulnerabilities in ZeroClipboard in multiple plugins for WordPress",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/87"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityvulns.ru/docs29103.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityvulns.ru/docs29104.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-108"
},
{
"name": "[oss-security] 20130310 WordPress plugins vulnerable to CVE-2013-1808",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/10/2"
},
{
"name": "20130409 XSS and FPD vulnerabilities in ZeroClipboard in multiple themes for WordPress",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/88"
},
{
"name": "[oss-security] 20130324 XSS vulnerabilities in ZeroClipboard and multiple web applications",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/25/1"
},
{
"name": "58257",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/58257"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-1808",
"datePublished": "2013-03-28T17:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:13:32.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6550 (GCVE-0-2012-6550)
Vulnerability from cvelistv5 – Published: 2013-03-28 17:00 – Updated: 2024-08-06 21:36
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via "the clipText returned from the flash object," a different vulnerability than CVE-2013-1808.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:36:00.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-114"
},
{
"name": "20130218 XSS vulnerabilities in ZeroClipboard",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/jonrohan/ZeroClipboard/commit/51b67b6d696f62aaf003210c08542588222c4913"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via \"the clipText returned from the flash object,\" a different vulnerability than CVE-2013-1808."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-03T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-114"
},
{
"name": "20130218 XSS vulnerabilities in ZeroClipboard",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jonrohan/ZeroClipboard/commit/51b67b6d696f62aaf003210c08542588222c4913"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via \"the clipText returned from the flash object,\" a different vulnerability than CVE-2013-1808."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-114",
"refsource": "CONFIRM",
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-114"
},
{
"name": "20130218 XSS vulnerabilities in ZeroClipboard",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"name": "https://github.com/jonrohan/ZeroClipboard/commit/51b67b6d696f62aaf003210c08542588222c4913",
"refsource": "CONFIRM",
"url": "https://github.com/jonrohan/ZeroClipboard/commit/51b67b6d696f62aaf003210c08542588222c4913"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6550",
"datePublished": "2013-03-28T17:00:00",
"dateReserved": "2013-03-28T00:00:00",
"dateUpdated": "2024-08-06T21:36:00.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1869 (GCVE-0-2014-1869)
Vulnerability from nvd – Published: 2014-02-08 00:00 – Updated: 2024-08-06 09:58
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/pull/335"
},
{
"name": "zeroclipboard-cve20141869-xss(91085)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91085"
},
{
"name": "56821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56821"
},
{
"name": "65484",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65484"
},
{
"name": "RHSA-2016:0070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/pull/335"
},
{
"name": "zeroclipboard-cve20141869-xss(91085)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91085"
},
{
"name": "56821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56821"
},
{
"name": "65484",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65484"
},
{
"name": "RHSA-2016:0070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1869",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zeroclipboard/zeroclipboard/pull/335",
"refsource": "CONFIRM",
"url": "https://github.com/zeroclipboard/zeroclipboard/pull/335"
},
{
"name": "zeroclipboard-cve20141869-xss(91085)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91085"
},
{
"name": "56821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56821"
},
{
"name": "65484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65484"
},
{
"name": "RHSA-2016:0070",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01"
},
{
"name": "https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2",
"refsource": "CONFIRM",
"url": "https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2"
},
{
"name": "https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca",
"refsource": "MISC",
"url": "https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1869",
"datePublished": "2014-02-08T00:00:00",
"dateReserved": "2014-02-06T00:00:00",
"dateUpdated": "2024-08-06T09:58:15.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1808 (GCVE-0-2013-1808)
Vulnerability from nvd – Published: 2013-03-28 17:00 – Updated: 2024-08-06 15:13
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is might be the same vulnerability as CVE-2013-1463. If so, it is likely that CVE-2013-1463 will be REJECTed.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:13:32.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/jonrohan/ZeroClipboard/commit/a0e02933f5f7ce5f364fbad36a005f0a349f0696"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb"
},
{
"name": "[oss-security] 20130326 Re: WordPress plugins vulnerable to CVE-2013-1808",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/8"
},
{
"name": "20130218 XSS vulnerabilities in ZeroClipboard",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"name": "20130220 XSS vulnerabilities in YAML, Multiproject for Trac, UserCollections for Piwigo, TAO and TableTools for DataTables for jQuery",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/109"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityvulns.ru/docs29105.html"
},
{
"name": "[oss-security] 20130302 Re: [Full-disclosure] XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS - ZeroClipboard.swf",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/03/3"
},
{
"name": "20130301 XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Mar/5"
},
{
"name": "20130418 XSS vulnerabilities in ZeroClipboard in multiple plugins for WordPress",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/87"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityvulns.ru/docs29103.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityvulns.ru/docs29104.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-108"
},
{
"name": "[oss-security] 20130310 WordPress plugins vulnerable to CVE-2013-1808",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/10/2"
},
{
"name": "20130409 XSS and FPD vulnerabilities in ZeroClipboard in multiple themes for WordPress",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/88"
},
{
"name": "[oss-security] 20130324 XSS vulnerabilities in ZeroClipboard and multiple web applications",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/25/1"
},
{
"name": "58257",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58257"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is might be the same vulnerability as CVE-2013-1463. If so, it is likely that CVE-2013-1463 will be REJECTed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-10T13:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jonrohan/ZeroClipboard/commit/a0e02933f5f7ce5f364fbad36a005f0a349f0696"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb"
},
{
"name": "[oss-security] 20130326 Re: WordPress plugins vulnerable to CVE-2013-1808",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/8"
},
{
"name": "20130218 XSS vulnerabilities in ZeroClipboard",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"name": "20130220 XSS vulnerabilities in YAML, Multiproject for Trac, UserCollections for Piwigo, TAO and TableTools for DataTables for jQuery",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/109"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityvulns.ru/docs29105.html"
},
{
"name": "[oss-security] 20130302 Re: [Full-disclosure] XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS - ZeroClipboard.swf",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/03/3"
},
{
"name": "20130301 XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Mar/5"
},
{
"name": "20130418 XSS vulnerabilities in ZeroClipboard in multiple plugins for WordPress",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/87"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityvulns.ru/docs29103.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityvulns.ru/docs29104.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-108"
},
{
"name": "[oss-security] 20130310 WordPress plugins vulnerable to CVE-2013-1808",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/10/2"
},
{
"name": "20130409 XSS and FPD vulnerabilities in ZeroClipboard in multiple themes for WordPress",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/88"
},
{
"name": "[oss-security] 20130324 XSS vulnerabilities in ZeroClipboard and multiple web applications",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/25/1"
},
{
"name": "58257",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/58257"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-1808",
"datePublished": "2013-03-28T17:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:13:32.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6550 (GCVE-0-2012-6550)
Vulnerability from nvd – Published: 2013-03-28 17:00 – Updated: 2024-08-06 21:36
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via "the clipText returned from the flash object," a different vulnerability than CVE-2013-1808.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:36:00.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-114"
},
{
"name": "20130218 XSS vulnerabilities in ZeroClipboard",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/jonrohan/ZeroClipboard/commit/51b67b6d696f62aaf003210c08542588222c4913"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via \"the clipText returned from the flash object,\" a different vulnerability than CVE-2013-1808."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-03T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-114"
},
{
"name": "20130218 XSS vulnerabilities in ZeroClipboard",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jonrohan/ZeroClipboard/commit/51b67b6d696f62aaf003210c08542588222c4913"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via \"the clipText returned from the flash object,\" a different vulnerability than CVE-2013-1808."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-114",
"refsource": "CONFIRM",
"url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-114"
},
{
"name": "20130218 XSS vulnerabilities in ZeroClipboard",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Feb/103"
},
{
"name": "https://github.com/jonrohan/ZeroClipboard/commit/51b67b6d696f62aaf003210c08542588222c4913",
"refsource": "CONFIRM",
"url": "https://github.com/jonrohan/ZeroClipboard/commit/51b67b6d696f62aaf003210c08542588222c4913"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6550",
"datePublished": "2013-03-28T17:00:00",
"dateReserved": "2013-03-28T00:00:00",
"dateUpdated": "2024-08-06T21:36:00.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}