CVE-2012-5882

EPSS 0.30% · P53 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-5882

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Yahoo YUI library 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Yahoo YUI library是美国雅虎（Yahoo）公司的一款开源的JavaScript和CSS库。该产品主要用于构建丰富的交互式Web应用程序。 YUI library 2.5.0至2.9.0版本中的Flash组件基础设施中存在跨站脚本漏洞。远程攻击者利用该漏洞通过与uploader.swf相关的向量，注入任意web脚本或HTML。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2012-5882

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-5882

请登录查看更多情报信息。

🔗 http://www.yuiblog.com/blog/2012/10/30/security-announcement-swf-vulnerability-in-yui-2/x_refsource_CONFIRM
🔗 http://yuilibrary.com/support/20121030-vulnerability/x_refsource_CONFIRM
🔗 http://www.yuiblog.com/blog/2012/11/05/post-mortem-swf-vulnerability-in-yui-2/x_refsource_CONFIRM
🔗 http://www.securityfocus.com/bid/56385vdb-entryx_refsource_BID
https://nvd.nist.gov/vuln/detail/CVE-2012-5882

Same Patch Batch · n/a · 2012-11-16 · 15 CVEs total

CVE-2012-4612		EMC RSA Data Protection Manager 跨站脚本漏洞
CVE-2012-4613		EMC RSA Data Protection Manager 身份验证绕过漏洞
CVE-2012-5522		MantisBT 多个信息泄露漏洞
CVE-2012-5523		MantisBT 多个信息泄露漏洞
CVE-2012-5777		Empire CMS 模板解析器远程PHP代码执行漏洞
CVE-2012-4189		Bugzilla tabular报表字段值错误转义跨站脚本执行漏洞
CVE-2012-4197		Bugzilla 错误消息信息泄露漏洞
CVE-2012-4198		Bugzilla User.get()组信息泄露漏洞
CVE-2012-4199		Bugzilla field-events.js.tmpl产品和组件名信息泄露漏洞
CVE-2012-5881		Yahoo YUI library 跨站脚本漏洞
CVE-2012-5883		Mozilla Bugzilla 跨站脚本漏洞
CVE-2012-5884		Bugzilla Bugzilla/WebService/User.pm 信息泄露漏洞
CVE-2012-2733		Apache Tomcat 拒绝服务漏洞
CVE-2012-5172		Android Asial Monaca Debugger 信息泄露漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2012-5882

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2012-5882

I. Basic Information for CVE-2012-5882

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-5882

III. Intelligence Information for CVE-2012-5882

Same Patch Batch · n/a · 2012-11-16 · 15 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2012-5882

Leave a comment