CVE-2012-2634
Published Jun 15, 2012
Last updated 12 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in FeedDemon before 4.0, when the feed preview option is enabled, allows remote attackers to inject arbitrary web script or HTML via a feed.
- Source
- vultures@jpcert.or.jp
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.6
- Impact score
- 2.9
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:newsgator:feeddemon:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "665996C0-8B4C-424E-9275-077FB9131E3F",
"versionEndIncluding": "3"
},
{
"criteria": "cpe:2.3:a:newsgator:feeddemon:2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "431DD077-F1A4-4361-A68F-A63C37D6ABD9"
},
{
"criteria": "cpe:2.3:a:newsgator:feeddemon:2.0.0.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8631919E-6C04-435A-B09E-15B075B49C93"
},
{
"criteria": "cpe:2.3:a:newsgator:feeddemon:2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7C646B9-6C0F-4D8F-8F11-B037F493F33A"
},
{
"criteria": "cpe:2.3:a:newsgator:feeddemon:2.6.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3DCF7D23-9C4A-4DE2-A24F-633E3C433723"
},
{
"criteria": "cpe:2.3:a:newsgator:feeddemon:2.6.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2A586F3-6116-454E-9E64-360F74729BA5"
},
{
"criteria": "cpe:2.3:a:newsgator:feeddemon:2.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "416EDD09-E7CE-4F8D-9DEE-305BA9C7A89B"
}
],
"operator": "OR"
}
]
}
]