CVE-2012-1935
published 2012-08-27CVE-2012-1935: Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4.x before 4 RC4 allow remote attackers to inject arbitrary web script…
PriorityP420medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
2.90%
85.2th percentile
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4.x before 4 RC4 allow remote attackers to inject arbitrary web script or HTML via the (1) Back parameter to admin/ad.php, or the (2) token or (3) f_email parameter to admin/password_check_token.php.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sourcefabric | newscoop | — | — |
| sourcefabric | newscoop | — | — |
| sourcefabric | newscoop | — | — |
| sourcefabric | newscoop | — | — |
| sourcefabric | newscoop | — | — |
| sourcefabric | newscoop | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2012-04/0130.htmlhttp://dev.sourcefabric.org/browse/CS-4179http://dev.sourcefabric.org/browse/CS-4182http://dev.sourcefabric.org/browse/CS-4183http://secunia.com/advisories/48769http://www.exploit-db.com/exploits/18752http://www.securityfocus.com/bid/52941http://www.sourcefabric.org/en/newscoop/latestrelease/1141/Newscoop-355-and-Newscoop-4-RC4-security-releases.htmhttps://exchange.xforce.ibmcloud.com/vulnerabilities/74781https://www.htbridge.com/advisory/HTB23084http://archives.neohapsis.com/archives/bugtraq/2012-04/0130.htmlhttp://dev.sourcefabric.org/browse/CS-4179http://dev.sourcefabric.org/browse/CS-4182http://dev.sourcefabric.org/browse/CS-4183http://secunia.com/advisories/48769http://www.exploit-db.com/exploits/18752http://www.securityfocus.com/bid/52941http://www.sourcefabric.org/en/newscoop/latestrelease/1141/Newscoop-355-and-Newscoop-4-RC4-security-releases.htmhttps://exchange.xforce.ibmcloud.com/vulnerabilities/74781https://www.htbridge.com/advisory/HTB23084
2012-08-27
Published