CVE-2012-4267

Published: 13/08/2012 Updated: 14/02/2024

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in user/register in Sockso 1.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the name parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pu-gh sockso 1.1.2
pu-gh sockso 1.1.6
pu-gh sockso 1.1.1
pu-gh sockso 1.2.5
pu-gh sockso 1.4
pu-gh sockso 1.2.2
pu-gh sockso
pu-gh sockso 1.2
pu-gh sockso 1.3.5
pu-gh sockso 1.1.4
pu-gh sockso 1.2.7
pu-gh sockso 1.3.2
pu-gh sockso 1.4.2
pu-gh sockso 1.1.7
pu-gh sockso 1.2.1
pu-gh sockso 1.3.3
pu-gh sockso 1.1
pu-gh sockso 1.3.1
pu-gh sockso 1.2.4
pu-gh sockso 1.1.8
pu-gh sockso 1.1.3
pu-gh sockso 1.4.1
pu-gh sockso 1.3
pu-gh sockso 1.1.5
pu-gh sockso 1.2.3
pu-gh sockso 1.3.4
pu-gh sockso 1.2.6

####################################################################### Application: Sockso socksopu-ghcom Versions: <= 15 Platforms: Windows, Mac, Linux Bug: Persistant XSS Exploitation: remote Date: 11 May 2012 Author: Ciaran McNally Web: smwyg ...

CWE-79 https://github.com/rodnaph/sockso/pull/99/files http://secunia.com/advisories/49148 http://smwyg.com/blog/#sockso-persistant-xss-attack http://www.exploit-db.com/exploits/18868 https://github.com/rodnaph/sockso/issues/93 https://github.com/rodnaph/sockso/commit/fe2d895ea8eb8b8ccad5a3319f472e45d6ba5136 https://nvd.nist.gov https://www.exploit-db.com/exploits/18868/

CVE-2012-4267

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect