WEB APPLICATION VULNERABILITIES Standard & Premium

Dolphin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0873)

Description

Multiple cross-site scripting (XSS) vulnerabilities in Boonex Dolphin before 7.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) explain parameter to explanation.php or the (2) photos_only, (3) online_only, or (4) mode parameters to viewFriends.php.

Remediation

References

Related Vulnerabilities

Jboss EAP CVE-2016-6796 Vulnerability (CVE-2016-6796)

WordPress Plugin Crony Cronjob Manager Multiple Vulnerabilities (0.4.4)

ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1822)

Oracle Application Server Other Vulnerability (CVE-2007-2121)

WordPress Plugin Contact Form & SMTP Plugin for WordPress by PirateForms Cross-Site Scripting (2.5.1)

Severity

Medium

Classification

CVE-2012-0873 CWE-707

Tags

Missing Update Known Vulnerabilities