CVE-2012-1979

2012-04-17T18:55:00
ID CVE-2012-1979
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:31:00

Description

Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the email parameter (aka Email address field) in an edit_user configuration action.