NVD

Id
46374  
Name
CVE-2012-5163  
Description
Cross-site scripting (XSS) vulnerability in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an enable_category action to index.php.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2012-09-25  
Modified Date
2013-01-18  
Seq
2012-5163  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
232604 46374 CVE-2012-5163 http://osclass.org/2012/01/16/osclass-2-3-5/  View
232605 46374 CVE-2012-5163 http://www.codseq.it/advisories/multiple_vulnerabilities_in_osclass  View
232606 46374 CVE-2012-5163 osclass-index-ajax-xss(78962)  View
232607 46374 CVE-2012-5163 https://github.com/osclass/OSClass/commit/ff7ef8a97301aaaf6a97fe46c2c27981a86b4e2f#diff-1  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
28903 JVNDB-2012-004610 OSClass の oc-admin/ajax/ajax.php におけるクロスサイトスクリプティングの脆弱性 OSClass の oc-admin/ajax/ajax.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-5163 58401 CVE-2012-5163 46374 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004610.html 2012-01-16 2012-09-27 View