CVE-2012-1935

2012-08-27T17:55:01
ID CVE-2012-1935
Type cve
Reporter NVD
Modified 2017-08-28T21:31:26

Description

Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4.x before 4 RC4 allow remote attackers to inject arbitrary web script or HTML via the (1) Back parameter to admin/ad.php, or the (2) token or (3) f_email parameter to admin/password_check_token.php.