Lucene search
HistoryDec 11, 2012 - 12:18 p.m.
CVE-2012-6312
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.002
Percentile
57.1%
Cross-site scripting (XSS) vulnerability in the Video Lead Form plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the errMsg parameter in a video-lead-form action to wp-admin/admin.php.
Affected configurations
Node
video-lead-formuk-cookieMatch-
wordpresswordpressMatch-
Related
cvelist
cvelist
CVE-2012-6312
2022-10-03 16:15:27
wpvulndb
wpvulndb
Video Lead Form - "errMsg" Cross-Site Scripting
2014-08-01 10:58:55
securityvulns
securityvulns
Update on CVE assigned for Video Lead Form Plugin Cross-Site
2012-12-10 00:00:00
prion
prion
Cross site scripting
2012-12-11 12:18:00
cve
cve
CVE-2012-6312
2022-10-03 16:15:27
packetstorm
packetstorm
WordPress Video Lead Form 0.5 Cross Site Scripting
2012-11-30 00:00:00
patchstack
patchstack
WordPress Video Lead Form Plugin - Cross Site Scripting
2012-11-29 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.002
Percentile
57.1%
Related for NVD:CVE-2012-6312