CVE-2012-4018

Published Oct 5, 2012

Last updated 3 months ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in Final Beta Laboratory MyWebSearch before 1.23 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
Source: vultures@jpcert.or.jp
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:finalbeta:mywebsearch:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF2748F1-58D9-4B08-B2C3-3E80F78BD1DD",
            "versionEndIncluding": "1.22"
          },
          {
            "criteria": "cpe:2.3:a:finalbeta:mywebsearch:1.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2650BAE-5BEB-4B88-BDC8-7B7E5CCF9F9E"
          },
          {
            "criteria": "cpe:2.3:a:finalbeta:mywebsearch:1.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6348E0ED-EE49-40A4-A901-8DA16A07E6EF"
          },
          {
            "criteria": "cpe:2.3:a:finalbeta:mywebsearch:1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87A7DB6F-4565-41C5-B96C-80802E42C214"
          },
          {
            "criteria": "cpe:2.3:a:finalbeta:mywebsearch:1.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "029B6ABD-B131-4B72-9545-B52BF31EECF7"
          },
          {
            "criteria": "cpe:2.3:a:finalbeta:mywebsearch:1.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B345EB92-106E-46AF-A5A0-E232E6F9C86C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References