Vulnerability CVE-2012-1604

Vulnerability CVE-2012-1604

Published: 2012-10-01 Modified: 2012-10-02

Description:

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Nextbbs -> Nextbbs

http://www.waraxe.us/advisory-80.html

http://www.securityfocus.com/bid/52728

http://www.osvdb.org/80627

http://www.openwall.com/lists/oss-security/2012/03/30/2

http://www.openwall.com/lists/oss-security/2012/03/29/8

http://packetstormsecurity.org/files/111250/NextBBS-0.6.0-Authentication-Bypass-SQL-Injection-XSS.html

http://archives.neohapsis.com/archives/bugtraq/2012-03/0135.html