VYPR
Unrated severityNVD Advisory· Published Feb 11, 2020· Updated Aug 6, 2024

CVE-2012-6720

CVE-2012-6720

Description

Multiple cross-site scripting (XSS) vulnerabilities in SocialEngine before 4.2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to music/create, (2) location parameter to events/create, or (3) search parameter to widget/index/content_id/*.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.