QwikSec

Security Database

CVE

CWE

Training

CVE-2012-1188

Published: Sep 26, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) type or (2) querystring parameters to private/en/error or (3) name parameter to private/en/locale/index.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

forkcms-index-xss(73605)

vdb-entry

x_refsource_XF

https://github.com/forkcms/forkcms/commit/1269fe8b3813c7b7d5552a2b88bc2e7bd4d0c1f9

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

http://www.fork-cms.com/blog/detail/fork-cms-3-2-7-released

x_refsource_CONFIRM

https://www.htbridge.ch/advisory/HTB23075

x_refsource_MISC

20120307 Multiple XSS in Fork CMS

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_OSVDB

https://github.com/forkcms/forkcms/commit/995220182068518e89019a265d113518f6566407

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.