Lucene search
HistoryFeb 24, 2012 - 1:55 p.m.
CVE-2012-1209
cve-2012-1209
xss
vulnerability
backend
base.php
fork cms
remote attackers
web script
html
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
60.2%
Cross-site scripting (XSS) vulnerability in backend/core/engine/base.php in Fork CMS 3.2.4 and possibly other versions before 3.2.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter.
Affected configurations
Node
fork-cmsfork_cmsMatch3.2.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| fork-cms:fork_cms | fork-cms fork cms | eq | 3.2.4 |
Related
github
github
Fork CMS XSS via Highlight Parameter
2022-05-14 03:51:05
cvelist
cvelist
CVE-2012-1209
2012-02-20 19:00:00
osv
osv
Fork CMS XSS via Highlight Parameter
2022-05-14 03:51:05
nvd
nvd
CVE-2012-1209
2012-02-24 13:55:07
prion
prion
Cross site scripting
2012-02-24 13:55:00
openvas
openvas
Fork CMS Cross Site Scripting and Local File Include Vulnerabilities
2012-02-22 00:00:00
Fork CMS < 3.2.5 Multiple Vulnerabilities - Active Check
2012-02-22 00:00:00
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
60.2%
Related for CVE-2012-1209