CVE-2012-3831

Published Jul 3, 2012

Last updated 12 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.1 allows remote attackers to inject arbitrary web script or HTML via multiple URLs in an img tag.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:milesj:decoda:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27F496AD-9848-4185-8674-A12782AC9C26",
            "versionEndIncluding": "3.3"
          },
          {
            "criteria": "cpe:2.3:a:milesj:decoda:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5AEBB7F-BFA3-4CBF-B26C-97806B05C268"
          },
          {
            "criteria": "cpe:2.3:a:milesj:decoda:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F2F1754-C888-44A1-A7E0-5A5B569AE07A"
          },
          {
            "criteria": "cpe:2.3:a:milesj:decoda:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CB1FB66-17DD-45DD-9EBD-152FA05D6307"
          },
          {
            "criteria": "cpe:2.3:a:milesj:decoda:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9D063A8-EA17-408E-9735-C5BE2397C3DB"
          },
          {
            "criteria": "cpe:2.3:a:milesj:decoda:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "625E2703-3E3D-4C3E-ADF6-A9AE797C9773"
          },
          {
            "criteria": "cpe:2.3:a:milesj:decoda:2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDC6B34B-214E-438F-AF0B-DC923C269F76"
          },
          {
            "criteria": "cpe:2.3:a:milesj:decoda:2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CA217E9-69D3-4EE5-9A86-0E8122C531D1"
          },
          {
            "criteria": "cpe:2.3:a:milesj:decoda:2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE4854CA-D608-4C7F-8837-A021DC1023D6"
          },
          {
            "criteria": "cpe:2.3:a:milesj:decoda:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E18B7BA8-E6B8-4297-962F-D2DC21A743A0"
          },
          {
            "criteria": "cpe:2.3:a:milesj:decoda:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C00AAC8A-6BE8-4728-BE2D-041F738B057F"
          },
          {
            "criteria": "cpe:2.3:a:milesj:decoda:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CB07A44-8EB7-45E9-ABF3-5F53B64DD2FD"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References