Lucene search

[email protected]NVD:CVE-2012-4892

HistorySep 10, 2012 - 10:55 p.m.

CVE-2012-4892

2012-09-1022:55:07

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS 2012-03.08 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title_en, (2) summary_en, or (3) body_en parameter in a submitnews action to the news module, a different vulnerability than CVE-2012-4890. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

flatnuxflatnuxRange≤2012-03.08

flatnuxflatnuxMatch2008-12-11

flatnuxflatnuxMatch2009-01-27

flatnuxflatnuxMatch2009-02-04

flatnuxflatnuxMatch2011-08-09-2

References

secunia.com/advisories/48656

www.osvdb.org/80877

exchange.xforce.ibmcloud.com/vulnerabilities/74566

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.9%

JSON

Related for NVD:CVE-2012-4892

cve2 cvelist2 prion2 nvd1