CVE-2013-3082
Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter to forgot-password/.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0203 (2.0%)
Percentil: 83.9%
EPSS: 2026-05-06
Afecta
jojocms:jojo-cmsDescripción técnica
Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter to forgot-password/.
Publicada: 9/6/2014, 19:55:09
Última modificación: 6/5/2026, 22:30:45
Referencias
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84286
- https://github.com/JojoCMS/Jojo-CMS/commit/9c000f961635e35e9984a8c16ca69c2cbf2d2236
- https://www.htbridge.com/advisory/HTB23153
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84286
- https://github.com/JojoCMS/Jojo-CMS/commit/9c000f961635e35e9984a8c16ca69c2cbf2d2236
- https://www.htbridge.com/advisory/HTB23153