CVE-2012-6662

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde", "name": "https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde", "tags": ["Patch", "Issue Tracking", "Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://github.com/jquery/jquery-ui/commit/5fee6fd5000072ff32f2d65b6451f39af9e0e39e", "name": "https://github.com/jquery/jquery-ui/commit/5fee6fd5000072ff32f2d65b6451f39af9e0e39e", "tags": ["Patch", "Issue Tracking", "Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://bugs.jqueryui.com/ticket/8861", "name": "http://bugs.jqueryui.com/ticket/8861", "tags": ["Issue Tracking", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://seclists.org/oss-sec/2014/q4/616", "name": "[oss-security] 20141114 Re: old CVE assignments for JQuery 1.10.0", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "MLIST"}, {"url": "http://seclists.org/oss-sec/2014/q4/613", "name": "[oss-security] 20141114 old CVE assignments for JQuery 1.10.0", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "MLIST"}, {"url": "http://bugs.jqueryui.com/ticket/8859", "name": "http://bugs.jqueryui.com/ticket/8859", "tags": ["Issue Tracking", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0442.html", "name": "RHSA-2015:0442", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.securityfocus.com/bid/71107", "name": "71107", "tags": [], "refsource": "BID"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1462.html", "name": "RHSA-2015:1462", "tags": [], "refsource": "REDHAT"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98697", "name": "jqueryui-cve20126662-xss(98697)", "tags": [], "refsource": "XF"}, {"url": "https://github.com/jquery/jquery/issues/2432", "name": "https://github.com/jquery/jquery/issues/2432", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-79"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-6662", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2014-11-24T16:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:jqueryui:jquery_ui:1.10.0:rc1:*:*:*:jquery:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-07-14T01:29Z"}