Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1252

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-1252
Last Modified 05 Jun 2012 12:00:00
Published 04 Jun 2012 11:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-1252

Summary

Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a feed, a different vulnerability than CVE-2006-4760.

Vulnerable Systems

Application

  • Rssowl 2.0

  • Rssowl 2.0.1

  • Rssowl 2.0.2

  • Rssowl 2.0.3

  • Rssowl 2.0.4

  • Rssowl 2.0.5

  • Rssowl 2.0.6

  • Rssowl 2.1


References

JVNDB - JVNDB-2012-000048

JVN - JVN#77947437


Last Updated: 27 May 2016 10:49:36