CVE-2012-4890

2012-09-10T22:55:00
ID CVE-2012-4890
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:32:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS 2011 08.09.2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) comment to the news, (2) title to the news, or (3) the folder names in a gallery.