CVE-2012-4037

N/A Unknown

Published: August 15, 2012 Modified: April 29, 2026

Description

Multiple cross-site scripting (XSS) vulnerabilities in the web client in Transmission before 2.61 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) created by, or (3) name field in a torrent file.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://archives.neohapsis.com/archives/fulldisclosure/2012-07/0349.html

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/50027

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/50769

Source: cve@mitre.org

http://www.madirish.net/541

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/54705

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-1584-1

Source: cve@mitre.org

https://trac.transmissionbt.com/ticket/4979

Source: cve@mitre.org

Patch

https://trac.transmissionbt.com/wiki/Changes#version-2.61

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2012-07/0349.html