CVE-2012-1470

Multiple cross-site scripting (XSS) vulnerabilities in code_editor.php in ocPortal before 7.1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) path or (2) line parameters.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
ocportalocportal
𝑥
≤ 7.1.5
ocportalocportal
4.0
ocportalocportal
4.0.1
ocportalocportal
4.0.2
ocportalocportal
4.0.3
ocportalocportal
4.0.4
ocportalocportal
4.0.5
ocportalocportal
4.1
ocportalocportal
4.1.1
ocportalocportal
4.1.2
ocportalocportal
4.1.3
ocportalocportal
4.1.4
ocportalocportal
4.1.5
ocportalocportal
4.1.6
ocportalocportal
4.1.8
ocportalocportal
4.1.9
ocportalocportal
4.1.10
ocportalocportal
4.1.11
ocportalocportal
4.1.12
ocportalocportal
4.1.13
ocportalocportal
4.2
ocportalocportal
4.2:beta1
ocportalocportal
4.2:beta2
ocportalocportal
4.2:rc1
ocportalocportal
4.2:rc2
ocportalocportal
4.2:rc3
ocportalocportal
4.2.1
ocportalocportal
4.2.2
ocportalocportal
4.3
ocportalocportal
4.3:rc1
ocportalocportal
4.3:rc2
ocportalocportal
4.3:rc3
ocportalocportal
4.3.1
ocportalocportal
4.3.2
ocportalocportal
5.0
ocportalocportal
5.0:rc1
ocportalocportal
5.0.1
ocportalocportal
5.0.2
ocportalocportal
5.0.2:beta1
ocportalocportal
5.0.3
ocportalocportal
5.1:beta1
ocportalocportal
6.0
ocportalocportal
6.0:beta1
ocportalocportal
6.0:beta2
ocportalocportal
6.0:rc1
ocportalocportal
6.0:rc2
ocportalocportal
6.0:rc3
ocportalocportal
6.0.1
ocportalocportal
6.0.2
ocportalocportal
6.0.3
ocportalocportal
6.1
ocportalocportal
6.1.1
ocportalocportal
6.2:rc1
ocportalocportal
7.0
ocportalocportal
7.0.1
ocportalocportal
7.1
ocportalocportal
7.1:beta1
ocportalocportal
7.1.1
ocportalocportal
7.1.2
ocportalocportal
7.1.3
ocportalocportal
7.1.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://ocportal.com/site/news/view/new-releases/ocportal-7-1-6-released.htm
http://ocportal.com/site/news/view/ocportal-security-update.htm
https://www.htbridge.com/advisory/HTB23078
http://ocportal.com/site/news/view/new-releases/ocportal-7-1-6-released.htm
http://ocportal.com/site/news/view/ocportal-security-update.htm
https://www.htbridge.com/advisory/HTB23078