Lucene search

K
cve[email protected]CVE-2012-0900
HistoryJan 20, 2012 - 5:55 p.m.

CVE-2012-0900

2012-01-2017:55:02
CWE-79
web.nvd.nist.gov
17
cve-2012-0900
xss
beehive forum
1.0.1
vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.033 Low

EPSS

Percentile

91.4%

Multiple cross-site scripting (XSS) vulnerabilities in Beehive Forum 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) forum/register.php or (2) forum/logon.php.

Affected configurations

NVD
Node
beehive_forumbeehive_forumMatch1.0.1

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.033 Low

EPSS

Percentile

91.4%

Related for CVE-2012-0900