CVE-2012-2648

EUVD-2012-2634
Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Common Weakness Enumeration
References
http://jvn.jp/en/jp/JVN01598734/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000073
http://jvn.jp/en/jp/JVN01598734/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000073