CVEブラウザに戻る

CVE-2012-3999

MEDIUM

4.3

CVSS Severity Score

EPSS Score0.1560%

EPSS Percentile44.29th

Published2012年7月12日

Last Modified2026年4月29日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in admin/login.php in Sticky Notes 0.3.09062012.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter.

Affected Platforms (CPE)

📦

Sayakbanerjee

Sticky Notes

<= 0.3.09062012.4

References & Advisories

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/77138

🔗 https://gitorious.org/sticky-notes/sticky-notes/merge_requests/2

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/77138

🔗 https://gitorious.org/sticky-notes/sticky-notes/merge_requests/2

関連する脆弱性情報

CVE-2021-479727.5

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by cr...

CVE-2021-479737.5

Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting exc...

CVE-2012-39987.5

Multiple SQL injection vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to execute arbitrary SQL comma...

CVE-2011-26304.3

Opera before 11.11 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page t...