Unrated severityNVD Advisory· Published Apr 8, 2014· Updated May 6, 2026

CVE-2012-6644

Description

Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.

Affected products

Clip Bucket/Clipbucket
cpe:2.3:a:clip-bucket:clipbucket:2.6:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/78193nvd
osvdb.org/78194nvd
osvdb.org/78195nvd
osvdb.org/78196nvd
osvdb.org/78197nvd
osvdb.org/78198nvd
osvdb.org/78199nvd
osvdb.org/78200nvd
packetstormsecurity.org/files/108489/clipbucket-sqlxss.txtnvd
secunia.com/advisories/47474nvd
www.exploit-db.com/exploits/18341nvd
www.securityfocus.com/bid/51321nvd
exchange.xforce.ibmcloud.com/vulnerabilities/72245nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.010
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000