CVE-2012-2909

Sažetak

Multiple cross-site scripting (XSS) vulnerabilities in Viscacha 0.8.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) text field in the Private Messages System, (2) Bad Word field in Zensur, or (3) Portal or (4) Topic field in Kommentar.

Reference

http://www.exploit-db.com/exploits/18873
http://www.securityfocus.com/bid/53496
http://www.vulnerability-lab.com/get_content.php?id=525
https://exchange.xforce.ibmcloud.com/vulnerabilities/75577

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

29-08-2017 - 01:31

Objavljeno

21-05-2012 - 18:55