CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2CVE-2012-6514
https://notcve.org/view.php?id=CVE-2012-6514
Cross-site scripting (XSS) vulnerability in the nBill (com_nbill) component 2.3.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the message parameter in an income action to administrator/index.php. Una vulnerabilidad de tipo cross-site scripting (XSS) en el componente nBill (com_nbill) versión 2.3.2 para Joomla!, permite a los atacantes remotos inyectar script web o HTML arbitrario por medio del parámetro message en una acción income en el archivo administrator/index.php. • http://hauntit.blogspot.com/2012/04/en-nbill-lite-joomla-component-html.html http://packetstormsecurity.org/files/112235/Joomla-nBill-Lite-Cross-Site-Scripting.html http://secunia.com/advisories/49004 http://www.securityfocus.com/bid/53275 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •