NVD

Id
47209  
Name
CVE-2012-6528  
Description
Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) themes/default/tile_search/index.tmpl.php, (2) login.php, (3) search.php, (4) password_reminder.php, (5) login.php/jscripts/infusion, (6) login.php/mods/_standard/flowplayer, (7) browse.php/jscripts/infusion/framework/fss, (8) registration.php/themes/default/ie_styles.css, (9) about.php, or (10) themes/default/social/basic_profile.tmpl.php.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2013-01-31  
Modified Date
2013-01-31  
Seq
2012-6528  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
236172 47209 CVE-2012-6528 20120115 ATutor 2.0.3 Multiple XSS vulnerabilities  View
236173 47209 CVE-2012-6528 http://atutor.ca/atutor/change_log.php  View
236174 47209 CVE-2012-6528 http://www.darksecurity.de/advisories/2012/SSCHADV2012-002.txt  View
236175 47209 CVE-2012-6528 51423  View
236176 47209 CVE-2012-6528 atutor-multiplescripts-xss(72412)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
30214 JVNDB-2012-005921 ATutor におけるクロスサイトスクリプティングの脆弱性 ATutor には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-6528 59766 CVE-2012-6528 47209 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005921.html 2012-10-05 2013-02-01 View