CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-4950

Cross-site scripting (XSS) vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.0%

CVSS Severity

CVSS v2 Score 4.3

References

http://osvdb.org/87053
http://secunia.com/advisories/51203
http://www.kb.cert.org/vuls/id/802596
http://www.securityfocus.com/bid/56381
https://exchange.xforce.ibmcloud.com/vulnerabilities/79787
http://osvdb.org/87053
http://secunia.com/advisories/51203
http://www.kb.cert.org/vuls/id/802596
http://www.securityfocus.com/bid/56381
https://exchange.xforce.ibmcloud.com/vulnerabilities/79787

Products affected by CVE-2012-4950

Patterninsight » Pattern Insight » Version: 2.3

cpe:2.3:a:patterninsight:pattern_insight:2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-4950

Products

Pricing

Contact Us