EUVD-2022-4990

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Multiple XSS vulnerabilities in Elefant CMS allow remote script injection via title or body parameter

Reporter	Title	Published	Views	Family All 9
CVE	CVE-2012-1296	26 Aug 201220:00	–	cve
Cvelist	CVE-2012-1296	26 Aug 201220:00	–	cvelist
Github Security Blog	Elefant CMS Multiple XSS Vulnerabilities	17 May 202201:48	–	github
htbridge	Multiple vulnerabilities in Elefant CMS	22 Feb 201200:00	–	htbridge
NVD	CVE-2012-1296	26 Aug 201220:55	–	nvd
OSV	GHSA-QJJQ-RCQ8-JW6J Elefant CMS Multiple XSS Vulnerabilities	17 May 202201:48	–	osv
Prion	Cross site scripting	26 Aug 201220:55	–	prion
securityvulns	Multiple vulnerabilities in Elefant CMS	19 Mar 201200:00	–	securityvulns
securityvulns	Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)	19 Mar 201200:00	–	securityvulns

[
  {
    "enisaIdVendor": [
      {
        "id": "8cf0fb3d-29b4-3368-ab07-876875d2cff4",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "a664b717-810a-36ac-aa58-bd4c3a1f3af3",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2012-1296
github	www.github.com/jbroadway/elefant/commit/1e38b1d91d9f8bfb4a0cda8316fe763a6cdd31d0
github	www.github.com/jbroadway/elefant/commit/4fc4e0a704f697e593be927a447ca12b2863ff85
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/73421
github	www.github.com/jbroadway/elefant
web	www.web.archive.org/web/20120306001248/http://www.elefantcms.com/forum/discussion/39/elefant-1.0.2-and-1.1.5-security-updates-released
web	www.web.archive.org/web/20200229030623/http://www.securityfocus.com/bid/52143
htbridge	www.htbridge.com/advisory/HTB23076
secunia	www.secunia.com/advisories/48118
elefantcms	www.elefantcms.com/wiki/Changelog

03 Oct 2025 20:07Current

6.4Medium risk

Vulners AI Score6.4

CVSS 24.3

EPSS0.00516