Vulnerability CVE-2012-1188

Vulnerability CVE-2012-1188

Published: 2012-09-25 Modified: 2012-09-26

Description:

	Topic	Author	Date
Low	Fork CMS 3.2.5 Cross Site Scripting	High-Tech Bridge...	08.03.2012

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Fork-cms -> Fork cms

http://www.fork-cms.com/blog/detail/fork-cms-3-2-7-released

https://www.htbridge.ch/advisory/HTB23075

https://github.com/forkcms/forkcms/commit/995220182068518e89019a265d113518f6566407

https://github.com/forkcms/forkcms/commit/1269fe8b3813c7b7d5552a2b88bc2e7bd4d0c1f9

http://xforce.iss.net/xforce/xfdb/73605

http://www.securityfocus.com/bid/52236

http://www.osvdb.org/79692

http://secunia.com/advisories/48183

http://archives.neohapsis.com/archives/bugtraq/2012-03/0022.html