CVE-2012-4352 in webNetwork
Сводка (Английский)
Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNetwork 6.1 before SP1 allow remote attackers to inject arbitrary web script or HTML via the blogName parameter to (1) community/blog.jsp or (2) community/blogSearch.jsp, the (3) calendarType or (4) monthNumber parameter to community/calendar.jsp, or the (5) flag parameter to swDashboard/ajax/setAppFlag.jsp.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Резервировать
17.08.2012
Раскрытие
18.02.2013
Статус
Подтверждённый
Записи
VulDB provides additional information and datapoints for this CVE:
| ИД | Уязвимость | CWE | Экс | Кон | CVE |
|---|---|---|---|---|---|
| 63588 | Stone-ware webNetwork межсайтовый скриптинг | 79 | Не определено | Официальное исправление | CVE-2012-4352 |