Cross-Site Scripting Vulnerability in b2evolution by b2evolution
CVE-2012-5911

Currently unrated

Key Information:

Vendor: B2evolution
Status: B2evolution
Vendor: CVE Published:; 17 November 2012

🔔 Create B2evolution Vulnerability Alert

What is CVE-2012-5911?

A Cross-Site Scripting (XSS) vulnerability in the blogs/blog1.php file of b2evolution version 4.1.3 allows attackers to inject arbitrary web scripts or HTML content through the message body. This vulnerability can lead to unauthorized access to sensitive information and compromised user sessions, thereby posing significant risks to web applications using this version of b2evolution. It is crucial for developers and users of b2evolution to apply necessary patches and updates to mitigate potential exploits.

References

http://osvdb.org/80672

vdb-entryx_refsource_OSVDB

http://packetstormsecurity.org/files/111294/B2Evolution-C...

x_refsource_MISC

http://www.securityfocus.com/bid/52783

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Nov 17, 2012
Vulnerability Reserved
Nov 17, 2012

JSON