CVE-2012-5295

CVSS 4.3 - MEDIUM

Description

Cross-site scripting (XSS) vulnerability in login.cfm in FuseTalk Forums 3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the windowed parameter.

Affected Products

Vendor	Product	Version
fusetalk	fusetalk	`All versions`
fusetalk	fusetalk	`3.0`
fusetalk	fusetalk	`3.1`
fusetalk.	fusetalk	`2.0`

References

http://secunia.com/advisories/40850

http://st2tea.blogspot.com/2012/01/fusetalk-forums...

http://www.securityfocus.com/bid/51227

http://www.securitytracker.com/id?1026483

https://exchange.xforce.ibmcloud.com/vulnerabiliti...

http://secunia.com/advisories/40850

http://st2tea.blogspot.com/2012/01/fusetalk-forums...

http://www.securityfocus.com/bid/51227

http://www.securitytracker.com/id?1026483

https://exchange.xforce.ibmcloud.com/vulnerabiliti...

Weakness Types

CWE-79

CVE Information

CVE ID:: CVE-2012-5295
Published:: 2012-10-04
Modified:: 2026-04-29
CVSS Score:: 4.3
Severity:: MEDIUM
Vector:: AV:N/AC:M/Au:N/C:N/I:P/A:N

Affected Vendors

fusetalk fusetalk.

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL