1
Candidate: CVE-2012-2112
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2112
5
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/
6
http://www.openwall.com/lists/oss-security/2012/04/18/1
8
Cross-site scripting (XSS) vulnerability in the Exception Handler in TYPO3
9
4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7
10
allows remote attackers to inject arbitrary web script or HTML via
14
jdstrand> according to upstream, requires 3rd-party extensions
21
upstream_typo3-src: released (4.5.14)
22
hardy_typo3-src: ignored (reached end-of-life)
23
lucid_typo3-src: ignored (reached end-of-life)
24
natty_typo3-src: released (4.3.9+dfsg1-1+squeeze4build0.11.04.1)
25
oneiric_typo3-src: ignored (reached end-of-life)
26
precise_typo3-src: ignored (reached end-of-life)
27
precise/esm_typo3-src: DNE (precise was needed)
28
quantal_typo3-src: not-affected (4.5.16+dfsg3-1)
29
raring_typo3-src: not-affected (4.5.16+dfsg3-1)
30
saucy_typo3-src: not-affected (4.5.16+dfsg3-1)
31
trusty_typo3-src: not-affected (4.5.16+dfsg3-1)
32
utopic_typo3-src: not-affected (4.5.16+dfsg3-1)
33
vivid_typo3-src: not-affected (4.5.16+dfsg3-1)
34
vivid/stable-phone-overlay_typo3-src: DNE
35
vivid/ubuntu-core_typo3-src: DNE
38
yakkety_typo3-src: DNE