Avoid Cross-Site Scripting Vulnerabilities in Wikidforum 2.10
CVE-2012-2099

Currently unrated

Key Information:

Vendor: Wikidforum
Status: Wikidforum
Vendor: CVE Published:; 24 January 2013

What is CVE-2012-2099?

Multiple cross-site scripting vulnerabilities exist in Wikidforum 2.10, which allow remote attackers to inject arbitrary web scripts or HTML via manipulation of the search field or specific parameters like Author and select_sort in advanced searches. This can lead to the execution of malicious scripts in the context of unsuspecting users, compromising user data and potentially leading to further network infiltration.

References

http://www.wikidforum.com/forum/forum-software_29/wikidfo...

x_refsource_MISC

http://archives.neohapsis.com/archives/bugtraq/2012-03/00...

mailing-listx_refsource_BUGTRAQ

http://www.osvdb.org/80838

vdb-entryx_refsource_OSVDB

EPSS Score

26% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 24, 2013
Vulnerability Reserved
Apr 4, 2012

CVE-2012-2099 Data

JSON