CVE-2012-1470

EUVD-2012-1488
Multiple cross-site scripting (XSS) vulnerabilities in code_editor.php in ocPortal before 7.1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) path or (2) line parameters.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
Affected Products (NVD)
VendorProductVersion
ocportalocportal
𝑥
≤ 7.1.5
ocportalocportal
4.0
ocportalocportal
4.0.1
ocportalocportal
4.0.2
ocportalocportal
4.0.3
ocportalocportal
4.0.4
ocportalocportal
4.0.5
ocportalocportal
4.1
ocportalocportal
4.1.1
ocportalocportal
4.1.2
ocportalocportal
4.1.3
ocportalocportal
4.1.4
ocportalocportal
4.1.5
ocportalocportal
4.1.6
ocportalocportal
4.1.8
ocportalocportal
4.1.9
ocportalocportal
4.1.10
ocportalocportal
4.1.11
ocportalocportal
4.1.12
ocportalocportal
4.1.13
ocportalocportal
4.2
ocportalocportal
4.2:beta1
ocportalocportal
4.2:beta2
ocportalocportal
4.2:rc1
ocportalocportal
4.2:rc2
ocportalocportal
4.2:rc3
ocportalocportal
4.2.1
ocportalocportal
4.2.2
ocportalocportal
4.3
ocportalocportal
4.3:rc1
ocportalocportal
4.3:rc2
ocportalocportal
4.3:rc3
ocportalocportal
4.3.1
ocportalocportal
4.3.2
ocportalocportal
5.0
ocportalocportal
5.0:rc1
ocportalocportal
5.0.1
ocportalocportal
5.0.2
ocportalocportal
5.0.2:beta1
ocportalocportal
5.0.3
ocportalocportal
5.1:beta1
ocportalocportal
6.0
ocportalocportal
6.0:beta1
ocportalocportal
6.0:beta2
ocportalocportal
6.0:rc1
ocportalocportal
6.0:rc2
ocportalocportal
6.0:rc3
ocportalocportal
6.0.1
ocportalocportal
6.0.2
ocportalocportal
6.0.3
ocportalocportal
6.1
ocportalocportal
6.1.1
ocportalocportal
6.2:rc1
ocportalocportal
7.0
ocportalocportal
7.0.1
ocportalocportal
7.1
ocportalocportal
7.1:beta1
ocportalocportal
7.1.1
ocportalocportal
7.1.2
ocportalocportal
7.1.3
ocportalocportal
7.1.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://ocportal.com/site/news/view/new-releases/ocportal-7-1-6-released.htm
http://ocportal.com/site/news/view/ocportal-security-update.htm
https://www.htbridge.com/advisory/HTB23078
http://ocportal.com/site/news/view/new-releases/ocportal-7-1-6-released.htm
http://ocportal.com/site/news/view/ocportal-security-update.htm
https://www.htbridge.com/advisory/HTB23078