Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-f32p-xm43-x77w

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to (1) autocomplete.php, (2) search/ajax/autosuggest.php, (3) livesuggest.php, or (4) save.php in frontend/modules/search/ajax.

Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to (1) autocomplete.php, (2) search/ajax/autosuggest.php, (3) livesuggest.php, or (4) save.php in frontend/modules/search/ajax.

Ссылки

EPSS

Процентиль: 63%
0.00446
Низкий

CVE ID

CVE-2012-5164

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2012-5164

nvd
больше 13 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to (1) autocomplete.php, (2) search/ajax/autosuggest.php, (3) livesuggest.php, or (4) save.php in frontend/modules/search/ajax.

EPSS

Процентиль: 63%
0.00446
Низкий

CVE ID

CVE-2012-5164

Дефекты

CWE-79