CVE-2012-6132
Cross-site scripting (XSS) vulnerability in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the otk parameter.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0026 (0.3%)
Percentil: 48.8%
EPSS: 2026-05-06
Afecta
roundup-tracker:roundupDescripción técnica
Cross-site scripting (XSS) vulnerability in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the otk parameter.
Publicada: 10/4/2014, 20:29:23
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://www.openwall.com/lists/oss-security/2012/11/10/2
- http://www.openwall.com/lists/oss-security/2013/02/13/8
- https://bugzilla.redhat.com/show_bug.cgi?id=722672
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84191
- http://www.openwall.com/lists/oss-security/2012/11/10/2
- http://www.openwall.com/lists/oss-security/2013/02/13/8
- https://bugzilla.redhat.com/show_bug.cgi?id=722672
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84191