CVE-2012-1410

Multiple cross-site scripting (XSS) vulnerabilities in the History Window implementation in Kadu 0.9.0 through 0.11.0 allow remote attackers to inject arbitrary web script or HTML via a crafted (1) SMS message, (2) presence message, or (3) status description.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:kadu:kadu:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:kadu:kadu:0.10.0:*:*:*:*:*:*:*
cpe:2.3:a:kadu:kadu:0.11.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-02-29 11:55

Updated : 2024-02-04 17:54


NVD link : CVE-2012-1410

Mitre link : CVE-2012-1410

CVE.ORG link : CVE-2012-1410


JSON object : View

Products Affected

kadu

  • kadu
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')