CVE-2012-6132

NONE EPSS 76.1%
Published Apr 10, 201412y ago · Modified Jun 16, 20262w ago
Find Similar
Published Apr 10, 2014 12y ago
Last Modified Jun 16, 2026 2w ago

Description

Cross-site scripting (XSS) vulnerability in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the otk parameter.

Threat Intelligence

EPSS Exploit Probability
76.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 20

VendorProductVersionRange
roundup-trackerroundup* ≤1.4.19
roundup-trackerroundup1.4.0any
roundup-trackerroundup1.4.1any
roundup-trackerroundup1.4.2any
roundup-trackerroundup1.4.3any
roundup-trackerroundup1.4.4any
roundup-trackerroundup1.4.5any
roundup-trackerroundup1.4.6any
roundup-trackerroundup1.4.7any
roundup-trackerroundup1.4.8any
roundup-trackerroundup1.4.9any
roundup-trackerroundup1.4.10any
roundup-trackerroundup1.4.11any
roundup-trackerroundup1.4.12any
roundup-trackerroundup1.4.13any
roundup-trackerroundup1.4.14any
roundup-trackerroundup1.4.15any
roundup-trackerroundup1.4.16any
roundup-trackerroundup1.4.17any
roundup-trackerroundup1.4.18any

References 4

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.