CVE-2012-4234

Cross-site scripting (XSS) vulnerability in the group moderation screen in the control center (control.php) in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via the group parameter.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:phorum:phorum:*:*:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2:*:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2.10:*:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2.10:rc1:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2.11:*:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2.12:*:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2.12:a:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2.13:*:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2.14:*:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2.15:*:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2.15:a:*:*:*:*:*:*
cpe:2.3:a:phorum:phorum:5.2.16:*:*:*:*:*:*:*

History

07 Nov 2023, 02:11

Type Values Removed Values Added
References
  • {'url': 'http://www.phorum.org/phorum5/read.php?64,151943', 'name': 'http://www.phorum.org/phorum5/read.php?64,151943', 'tags': ['Patch'], 'refsource': 'CONFIRM'}
  • () http://www.phorum.org/phorum5/read.php?64%2C151943 -

Information

Published : 2014-09-04 14:55

Updated : 2024-02-28 12:20


NVD link : CVE-2012-4234

Mitre link : CVE-2012-4234

CVE.ORG link : CVE-2012-4234


JSON object : View

Products Affected

phorum

  • phorum
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')