CVE-2011-5199

2012-09-2317:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.0%

JSON

Cross-site scripting (XSS) vulnerability in sign.php in tinyguestbook allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

References

archives.neohapsis.com/archives/bugtraq/2012-01/0009.html

code.google.com/p/tinyguestbook/issues/detail?id=1

secunia.com/advisories/47419

www.securityfocus.com/bid/51248

exchange.xforce.ibmcloud.com/vulnerabilities/72075