CVE-2012-3952

2012-08-12T00:55:00
ID CVE-2012-3952
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:32:00

Description

Cross-site scripting (XSS) vulnerability in admin/index.php in phpList before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the unconfirmed parameter to the user page.