VYPR
Unrated severityNVD Advisory· Published Jul 3, 2012· Updated Jun 16, 2026

CVE-2012-3837

CVE-2012-3837

Description

Multiple cross-site scripting (XSS) vulnerabilities in apps/users/registration.template.php in Baby Gekko 1.2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) email_address, (3) password, (4) password_verify, (5) firstname, (6) lastname, or (7) verification_code parameter to users/action/register. NOTE: some of these details are obtained from third party information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14
  • cpe:2.3:a:babygekko:baby_gekko:*:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:babygekko:baby_gekko:*:*:*:*:*:*:*:*range: <=1.2.0
    • cpe:2.3:a:babygekko:baby_gekko:0.90:*:*:*:*:*:*:*
    • cpe:2.3:a:babygekko:baby_gekko:0.91:*:*:*:*:*:*:*
    • cpe:2.3:a:babygekko:baby_gekko:0.98:alpha:*:*:*:*:*:*
    • cpe:2.3:a:babygekko:baby_gekko:0.99:beta:*:*:*:*:*:*
    • cpe:2.3:a:babygekko:baby_gekko:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:babygekko:baby_gekko:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:babygekko:baby_gekko:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:babygekko:baby_gekko:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:babygekko:baby_gekko:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:babygekko:baby_gekko:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:babygekko:baby_gekko:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:babygekko:baby_gekko:1.1.5:*:*:*:*:*:*:*
    • (no CPE)range: <=1.2.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.