CVE-2012-1215

2012-02-2020:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.2%

JSON

Cross-site scripting (XSS) vulnerability in the Add friends module in the Yoono extension before 7.7.8 for Firefox allows remote attackers to inject arbitrary web script or HTML via the create field in a “Create a group” action.

References

packetstormsecurity.org/files/109617/#comment-10344

packetstormsecurity.org/files/109617/Yoono-Firefox-7.7.0-Cross-Site-Scripting.html

support.yoono.com/yoono/topics/xss-w35in

www.securityfocus.com/bid/51970

exchange.xforce.ibmcloud.com/vulnerabilities/73150