CVE-2012-4679
published 2012-08-27CVE-2012-4679: Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the…
PriorityP420medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
2.35%
81.6th percentile
Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the f_user_name parameter.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sourcefabric | newscoop | <= 3.5.4 | — |
| sourcefabric | newscoop | — | — |
| sourcefabric | newscoop | — | — |
| sourcefabric | newscoop | — | — |
| sourcefabric | newscoop | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://dev.sourcefabric.org/browse/CS-4184http://secunia.com/advisories/48769http://www.securityfocus.com/bid/52941http://www.sourcefabric.org/en/newscoop/latestrelease/1141/Newscoop-355-and-Newscoop-4-RC4-security-releases.htmhttps://exchange.xforce.ibmcloud.com/vulnerabilities/74781https://www.htbridge.com/advisory/HTB23084http://dev.sourcefabric.org/browse/CS-4184http://secunia.com/advisories/48769http://www.securityfocus.com/bid/52941http://www.sourcefabric.org/en/newscoop/latestrelease/1141/Newscoop-355-and-Newscoop-4-RC4-security-releases.htmhttps://exchange.xforce.ibmcloud.com/vulnerabilities/74781https://www.htbridge.com/advisory/HTB23084
2012-08-27
Published