CVE-2012-6720

CVE-2012-6720 concerns a Cross-Site Scripting (XSS) vulnerability in SocialEngine prior to version 4.2.4. The issue allows remote attackers to inject arbitrary web script or HTML through specific parameters: (1) title to music/create, (2) location to events/create, and (3) search to widget/index/...