CVE-2012-6622

Multiple cross-site scripting (XSS) vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) groupid parameter in an editgroup action or (2) usergroup_id parameter in an edit_usergroup action.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vasthtml:forumpress:*:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.0:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.1:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.2:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.3:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.4:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.5:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.5.1:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.5.2:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.2:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.3:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.4:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.5:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.6:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.7:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.8:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.9:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.7:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.7.1:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.7.2:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.7.3:-:-:*:-:wordpress:*:*

History

No history.

Information

Published : 2014-01-16 21:55

Updated : 2024-02-04 18:35


NVD link : CVE-2012-6622

Mitre link : CVE-2012-6622

CVE.ORG link : CVE-2012-6622


JSON object : View

Products Affected

vasthtml

  • forumpress
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')