Vulnerability CVE-2012-2436

Vulnerability CVE-2012-2436

Published: 2012-05-27 Modified: 2012-05-28

Description:

	Topic	Author	Date
Med.	Pligg CMS 1.2.1 Cross Site Scripting / Local File Inclusion	High-Tech Bridge...	26.05.2012

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Pligg -> Pligg cms

https://www.htbridge.com/advisory/HTB23089

http://xforce.iss.net/xforce/xfdb/75764

http://www.securityfocus.com/bid/53625

http://secunia.com/secunia_research/2012-18/

http://secunia.com/advisories/45431

http://pligg.svn.sourceforge.net/viewvc/pligg?view=revision&revision=2452

http://pligg.svn.sourceforge.net/viewvc/pligg?view=revision&revision=2441

http://pligg.svn.sourceforge.net/viewvc/pligg?view=revision&revision=2440

http://pligg.svn.sourceforge.net/viewvc/pligg/trunk/modules/admin_language/admin_language_main.php?r1=2442&r2=2441&pathrev=2442

http://forums.pligg.com/downloads.php?do=file&id=15