Lucene search
HistoryMay 23, 2013 - 3:55 p.m.
CVE-2012-6561
cve-2012-6561
cross-site scripting
xss vulnerability
elgg
security vulnerability
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.5%
Cross-site scripting (XSS) vulnerability in engine/lib/views.php in Elgg before 1.8.5 allows remote attackers to inject arbitrary web script or HTML via the view parameter to index.php. NOTE: some of these details are obtained from third party information.
Affected configurations
Node
elggelggRange≤1.8.4
ORelggelggMatch1.7.0
ORelggelggMatch1.7.1
ORelggelggMatch1.7.2
ORelggelggMatch1.7.3
ORelggelggMatch1.7.4
ORelggelggMatch1.7.5
ORelggelggMatch1.7.6
ORelggelggMatch1.7.7
ORelggelggMatch1.7.8
ORelggelggMatch1.7.9
ORelggelggMatch1.7.10
ORelggelggMatch1.7.11
ORelggelggMatch1.7.12
ORelggelggMatch1.7.13
ORelggelggMatch1.7.14
ORelggelggMatch1.7.15
ORelggelggMatch1.7.16
ORelggelggMatch1.7.17
ORelggelggMatch1.7.18
ORelggelggMatch1.8.0.1
ORelggelggMatch1.8.1
ORelggelggMatch1.8.3
Related
nvd
nvd
CVE-2012-6561
2013-05-23 15:55:02
prion
prion
Cross site scripting
2013-05-23 15:55:00
nessus
nessus
Elgg index.php view Parameter XSS
2012-06-22 00:00:00
cvelist
cvelist
CVE-2012-6561
2013-05-23 15:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.5%
Related for CVE-2012-6561