CVE-2012-6555

2022-10-0316:15:28

mitre

www.cve.org

cve-2012-6555

cross-site scripting

latestcomment plugin

vanilla forums

remote attackers

web script

html

discussion title

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.9%

JSON

Cross-site scripting (XSS) vulnerability in the LatestComment plugin 1.1 for Vanilla Forums allows remote attackers to inject arbitrary web script or HTML via the discussion title.

References

secunia.com/advisories/49249

www.exploit-db.com/exploits/18908

www.henryhoggard.co.uk/security/191/

www.securityfocus.com/bid/53633