CVE-2012-1215

Cross-site scripting (XSS) vulnerability in the Add friends module in the Yoono extension before 7.7.8 for Firefox allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
VendorProductVersion
yoonoyoono_for_firefox
𝑥
≤ 7.7.7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.org/files/109617/#comment-10344
http://packetstormsecurity.org/files/109617/Yoono-Firefox-7.7.0-Cross-Site-Scripting.html
http://support.yoono.com/yoono/topics/xss-w35in
http://www.securityfocus.com/bid/51970
https://exchange.xforce.ibmcloud.com/vulnerabilities/73150
http://packetstormsecurity.org/files/109617/#comment-10344
http://packetstormsecurity.org/files/109617/Yoono-Firefox-7.7.0-Cross-Site-Scripting.html
http://support.yoono.com/yoono/topics/xss-w35in
http://www.securityfocus.com/bid/51970
https://exchange.xforce.ibmcloud.com/vulnerabilities/73150