CVE-2012-5914

Multiple cross-site scripting (XSS) vulnerabilities in the sed_import function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote attackers to inject arbitrary web script or HTML via the (1) newmsg or (2) rtext parameter. NOTE: some of these details are obtained from third party information.
Configurations

Configuration 1 (hide)

cpe:2.3:a:neocrome:seditio:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-11-17 21:55

Updated : 2024-02-04 18:16


NVD link : CVE-2012-5914

Mitre link : CVE-2012-5914

CVE.ORG link : CVE-2012-5914


JSON object : View

Products Affected

neocrome

  • seditio
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')