CVE-2012-1982

2012-04-0410:00:00

mitre

www.cve.org

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.8%

JSON

Cross-site scripting (XSS) vulnerability in my_admin/admin1_list_pages.php in SocialCMS 1.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the TR_title parameter in an edit action.

References

www.webapp-security.com/wp-content/uploads/2012/03/SocialCMS-1.0.2-XSS-Persistent-and-Reflected-Vulnerabilities1.txt

exchange.xforce.ibmcloud.com/vulnerabilities/74540