CyberSec.Space Logo
Back to CVE Browser

CVE-2012-5873

MEDIUM
5.3
CVSS Severity Score
EPSS Score0.1380%
EPSS Percentile18.92th
PublishedApr 26, 2023
Last ModifiedFeb 3, 2025

Vulnerability Description

ARC (aka ARC2) through 2011-12-01 allows reflected XSS via the end_point.php query parameter in an output=htmltab action.

Affected Platforms (CPE)

📦
Arc2 Project

Arc2

<= 2011-12-01

References & Advisories

🔗 https://www.ush.it/2012/11/22/arc-v2011-12-01-multiple-vulnerabilities/
🔗 https://www.ush.it/2012/11/22/arc-v2011-12-01-multiple-vulnerabilities/

Related Vulnerabilities

CVE-2009-054410.0

Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitr...

CVE-2012-58729.8

ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via commen...

CVE-2012-280010.0

Unspecified vulnerability in the ff_ivi_process_empty_tile function in libavcodec/ivi_common.c in FFmpeg before 0.11, and Libav 0....

CVE-2012-280110.0

Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unkn...