Vulnerability Details CVE-2012-3840
Multiple cross-site scripting (XSS) vulnerabilities in index.php/users/form/user_id in MyClientBase 0.12 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name or (2) last_name parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 85.6%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/48961
- http://www.exploit-db.com/exploits/18814
- http://www.securityfocus.com/bid/53311
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75299
- http://secunia.com/advisories/48961
- http://www.exploit-db.com/exploits/18814
- http://www.securityfocus.com/bid/53311
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75299
Products affected by CVE-2012-3840
-
cpe:2.3:a:myclientbase:myclientbase:0.12