Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1214

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-1214
Last Modified 24 Feb 2012 12:00:00
Published 21 Feb 2012 08:31:21
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-1214

Summary

Cross-site scripting (XSS) vulnerability in the Add friends module in Yoono Desktop Application before 1.8.21 allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action.

Vulnerable Systems

Application

  • Yoono Desktop 1.8.20


References

XF - yoono-addfriends-xss(73149)

CONFIRM - http://support.yoono.com/yoono/topics/xss-w35in

MISC - http://packetstormsecurity.org/files/109618/Yoono-Desktop-1.8.16-Cross-Site-Scripting.html

MISC - http://packetstormsecurity.org/files/109618/#comment-10343


Last Updated: 27 May 2016 10:58:18