CVE-2012-6131

NONE EPSS 78.2%
Published Apr 11, 201412y ago · Modified Jun 16, 20262w ago
Find Similar
Published Apr 11, 2014 12y ago
Last Modified Jun 16, 2026 2w ago

Description

Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the @action parameter to support/issue1.

Threat Intelligence

EPSS Exploit Probability
78.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 20

VendorProductVersionRange
roundup-trackerroundup* ≤1.4.19
roundup-trackerroundup1.4.0any
roundup-trackerroundup1.4.1any
roundup-trackerroundup1.4.2any
roundup-trackerroundup1.4.3any
roundup-trackerroundup1.4.4any
roundup-trackerroundup1.4.5any
roundup-trackerroundup1.4.6any
roundup-trackerroundup1.4.7any
roundup-trackerroundup1.4.8any
roundup-trackerroundup1.4.9any
roundup-trackerroundup1.4.10any
roundup-trackerroundup1.4.11any
roundup-trackerroundup1.4.12any
roundup-trackerroundup1.4.13any
roundup-trackerroundup1.4.14any
roundup-trackerroundup1.4.15any
roundup-trackerroundup1.4.16any
roundup-trackerroundup1.4.17any
roundup-trackerroundup1.4.18any

References 6

Remediation