VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Mar 3, 2012· Updated Apr 29, 2026

CVE-2012-1262

CVE-2012-1262

Description

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.

Affected products

120
  • Movabletype/Movable Type Open Source30 versions
    cpe:2.3:a:movabletype:movable_type_open_source:*:*:*:*:*:*:*:*+ 29 more
    • cpe:2.3:a:movabletype:movable_type_open_source:*:*:*:*:*:*:*:*range: <=4.37
    • cpe:2.3:a:movabletype:movable_type_open_source:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.1:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.01:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.23:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.25:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.26:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.31:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.32:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.33:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.34:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.35:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.36:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.261:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.361:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.03:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.04:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.05:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.06:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.031:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.051:*:*:*:*:*:*:*
  • Movabletype/Movable Type Enterprise30 versions
    cpe:2.3:a:movabletype:movable_type_enterprise:*:*:*:*:*:*:*:*+ 29 more
    • cpe:2.3:a:movabletype:movable_type_enterprise:*:*:*:*:*:*:*:*range: <=4.37
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.01:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.1:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.23:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.25:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.26:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.31:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.32:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.33:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.34:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.35:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.36:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.261:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.361:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.03:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.04:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.05:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.06:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.031:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.051:*:*:*:*:*:*:*
  • Movabletype/Movable Type Advanced30 versions
    cpe:2.3:a:movabletype:movable_type_advanced:*:*:*:*:*:*:*:*+ 29 more
    • cpe:2.3:a:movabletype:movable_type_advanced:*:*:*:*:*:*:*:*range: <=4.37
    • cpe:2.3:a:movabletype:movable_type_advanced:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.01:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.1:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.23:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.25:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.26:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.31:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.32:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.33:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.34:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.35:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.36:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.261:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.361:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.03:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.04:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.05:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.06:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.031:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.051:*:*:*:*:*:*:*
  • Movabletype/Movable Type Pro30 versions
    cpe:2.3:a:movabletype:movable_type_pro:*:*:*:*:*:*:*:*+ 29 more
    • cpe:2.3:a:movabletype:movable_type_pro:*:*:*:*:*:*:*:*range: <=4.37
    • cpe:2.3:a:movabletype:movable_type_pro:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.1:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.01:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.23:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.25:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.26:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.31:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.32:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.33:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.34:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.35:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.36:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.261:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.361:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.03:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.04:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.05:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.06:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.031:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.051:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

13

News mentions

0

No linked articles in our index yet.