Multiple cross-site scripting (XSS) vulnerabilities in backend/core/engine/base.php in Fork CMS 3.2.4 and possibly other versions before 3.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) report parameter to blog/settings or (2) error parameter to users/index.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-02-20T19:00:00Z

Updated: 2024-09-16T22:20:23.650Z

Reserved: 2012-02-20T00:00:00Z

Link: CVE-2012-1208

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-02-24T13:55:07.390

Modified: 2024-11-21T01:36:39.967

Link: CVE-2012-1208

cve-icon Redhat

No data.