Cross-Site Scripting Vulnerabilities in LEPTON CMS by Lepton
CVE-2012-1000

Currently unrated

Key Information:

Vendor

Lepton-cms

Status
Lepton
Vendor
CVE Published:
24 February 2012

What is CVE-2012-1000?

LEPTON CMS versions prior to 1.1.4 are susceptible to multiple cross-site scripting flaws. Attackers can exploit these vulnerabilities by injecting arbitrary scripts through the message parameter in admins/login/forgot/index.php and through display_name or email parameters in account/preferences.php. This exploitation can lead to unauthorized actions or data exposure, presenting significant risks to users and system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.lepton-cms.org/media/changelog/changelog_1.1.4...
x_refsource_CONFIRM
http://www.lepton-cms.org/posts/security-release-lepton-1...
x_refsource_CONFIRM
https://www.htbridge.ch/advisory/HTB23072
x_refsource_MISC

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.