Unrated severityNVD Advisory· Published Jan 24, 2013· Updated Apr 29, 2026

CVE-2012-2099

Description

Multiple cross-site scripting (XSS) vulnerabilities in Wikidforum 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) search field, or the (2) Author or (3) select_sort parameters in an advanced search.

Affected products

Wikidforum/Wikidforum
cpe:2.3:a:wikidforum:wikidforum:2.10:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2012-03/0046.htmlnvdExploit
www.darksecurity.de/advisories/2012/SSCHADV2012-005.txtnvdExploit
www.securityfocus.com/bid/52425nvdExploit
www.openwall.com/lists/oss-security/2012/04/12/12nvd
www.openwall.com/lists/oss-security/2012/04/12/5nvd
www.osvdb.org/80838nvd
www.osvdb.org/80839nvd
www.wikidforum.com/forum/forum-software_29/wikidforum-support_31/sschadv2012-005-unfixed-xss-and-sql-injection-security-vulnerabilities_188.htmlnvd
exchange.xforce.ibmcloud.com/vulnerabilities/73985nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.021
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000