Lucene search
MitreCVE-2012-4890HistorySep 10, 2012 - 10:55 p.m.
CVE-2012-4890
2012-09-1022:55:07
CWE-79
mitre
web.nvd.nist.gov
36
cve
2012
4890
flatnux cms
xss
vulnerabilities
remote
injection
web script
html
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.004
Percentile
72.9%
Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS 2011 08.09.2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) comment to the news, (2) title to the news, or (3) the folder names in a gallery.
Affected configurations
Node
flatnuxflatnuxRange≤2011-08-09-2
ORflatnuxflatnuxMatch2008-12-11
ORflatnuxflatnuxMatch2009-01-27
ORflatnuxflatnuxMatch2009-02-04
| Vendor | Product | Version | CPE |
|---|---|---|---|
| flatnux | flatnux | * | cpe:2.3:a:flatnux:flatnux:*:*:*:*:*:*:*:* |
| flatnux | flatnux | 2008-12-11 | cpe:2.3:a:flatnux:flatnux:2008-12-11:*:*:*:*:*:*:* |
| flatnux | flatnux | 2009-01-27 | cpe:2.3:a:flatnux:flatnux:2009-01-27:*:*:*:*:*:*:* |
| flatnux | flatnux | 2009-02-04 | cpe:2.3:a:flatnux:flatnux:2009-02-04:*:*:*:*:*:*:* |
References
Related
prion
prion
Cross site scripting
2012-09-10 22:55:00
Cross site scripting
2012-09-10 22:55:00
nvd
nvd
CVE-2012-4890
2012-09-10 22:55:07
CVE-2012-4892
2012-09-10 22:55:07
cvelist
cvelist
CVE-2012-4890
2012-09-10 22:00:00
CVE-2012-4892
2012-09-10 22:00:00
cve
cve
CVE-2012-4892
2012-09-10 22:55:07
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.004
Percentile
72.9%
Related for CVE-2012-4890