Back to search
CVE-2012-0253
Published: Apr 18, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in Demand Media Pluck SiteLife before 5.0.13 allow remote attackers to inject arbitrary web script or HTML via (1) the jsonRequest parameter to Direct/Process, the (2) r or (3) cb parameter to Direct/jsonp.htm, or (4) the cb parameter to sys/jsonp.app/.htm.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
48778
third-party-advisory
x_refsource_SECUNIA
52968
vdb-entry
x_refsource_BID
plucksitelife-multiple-xss(74805)
vdb-entry
x_refsource_XF
http://www.kb.cert.org/vuls/id/MAPG-8Q6JEG
x_refsource_CONFIRM
VU#400619
third-party-advisory
x_refsource_CERT-VN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now