CyberSec.Space Logo
CVEブラウザに戻る

CVE-2012-5873

MEDIUM
5.3
CVSS Severity Score
EPSS Score0.1380%
EPSS Percentile18.92th
Published2023年4月26日
Last Modified2025年2月3日

Vulnerability Description

ARC (aka ARC2) through 2011-12-01 allows reflected XSS via the end_point.php query parameter in an output=htmltab action.

Affected Platforms (CPE)

📦
Arc2 Project

Arc2

<= 2011-12-01

References & Advisories

🔗 https://www.ush.it/2012/11/22/arc-v2011-12-01-multiple-vulnerabilities/
🔗 https://www.ush.it/2012/11/22/arc-v2011-12-01-multiple-vulnerabilities/

関連する脆弱性情報

CVE-2009-054410.0

Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitr...

CVE-2012-58729.8

ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via commen...

CVE-2012-525410.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525510.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...