Unrated severityNVD Advisory· Published Apr 2, 2013· Updated Apr 29, 2026

CVE-2012-6550

Description

Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via "the clipText returned from the flash object," a different vulnerability than CVE-2013-1808.

Affected products

Zeroclipboard Project/Zeroclipboard2 versions
cpe:2.3:a:zeroclipboard_project:zeroclipboard:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:zeroclipboard_project:zeroclipboard:*:*:*:*:*:*:*:*range: <=1.0.7
- cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.0.5:*:*:*:*:*:*:*

Patches

51b67b6d696f

https://github.com/jonrohan/ZeroClipboardvia osv

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

seclists.org/fulldisclosure/2013/Feb/103nvd
github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.mdnvd
github.com/jonrohan/ZeroClipboard/commit/51b67b6d696f62aaf003210c08542588222c4913nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	-0.070
ransomware	0.000