CVE-2012-6622
WP Forum Server <= 1.7.3 - Authenticated (Admin+) Stored Cross-Site Scripting
- Severity Score: -
- Exploit Likelihood: -
- Affected Versions: -
- Public Exploits: 2
- Exploited in Wild: -
Descriptions
Multiple cross-site scripting (XSS) vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) groupid parameter in an editgroup action or (2) usergroup_id parameter in an edit_usergroup action.
The WP Forum Server plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the (1) groupid parameter in an editgroup action or (2) usergroup_id parameter in an edit_usergroup action in versions up to, and including, 1.7.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative capabilities to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This can also be exploited via CSRF by unauthenticated users due to missing nonce validation.
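The two root causes named above (a request parameter written back into the admin page without escaping, and a form action with no nonce check) map onto a small WordPress pattern. The following is an added illustration written for this page, not code from the plugin; the handler names, the `fs_edit_group` nonce action and the `fs_nonce` field are assumed, while `check_admin_referer`, `wp_nonce_field`, `absint`, `esc_attr` and `current_user_can` are standard WordPress APIs.

```php
<?php
// Weak pattern: the group id from the request is reflected into the page as-is,
// and nothing proves the request originated from a deliberate admin action, so a
// crafted link (CSRF) can drive the edit and the stored value carries markup.
function fs_edit_group_weak() {
    $groupid = isset( $_REQUEST['groupid'] ) ? $_REQUEST['groupid'] : '';
    echo '<input type="hidden" name="groupid" value="' . $groupid . '">';
}

// Hardened pattern: capability check, nonce verification (closes the CSRF path),
// type coercion of the id (an integer cannot carry markup), and attribute
// escaping on output as defence in depth.
function fs_edit_group_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient privileges.' );
    }
    // Dies unless the request carries a valid nonce that was generated for the
    // 'fs_edit_group' action by wp_nonce_field( 'fs_edit_group', 'fs_nonce' ).
    check_admin_referer( 'fs_edit_group', 'fs_nonce' );

    // absint() discards anything that is not a non-negative integer.
    $groupid = absint( isset( $_REQUEST['groupid'] ) ? $_REQUEST['groupid'] : 0 );
    if ( 0 === $groupid ) {
        wp_die( 'Invalid group id.' );
    }

    echo '<form method="post">';
    wp_nonce_field( 'fs_edit_group', 'fs_nonce' );
    echo '<input type="hidden" name="groupid" value="' . esc_attr( $groupid ) . '">';
    echo '</form>';
}
```

The same treatment applies to the `usergroup_id` parameter of the `edit_usergroup` action; escaping alone would stop the script injection, but only the nonce check removes the unauthenticated CSRF vector the description mentions.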
CVSS Scores
SSVC
- Decision: -
Timeline
- 2012-05-15 CVE Published
- 2012-05-15 First Exploit
- 2014-01-16 CVE Reserved
- 2024-01-15 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (6)
URL | Tag | Date |
---|---|---|
http://www.securityfocus.com/bid/53530 | Vdb Entry | |
https://plugins.trac.wordpress.org/changeset/532918 | X_refsource_confirm | |
https://www.exploit-db.com/exploits/37195 | | 2012-05-15 |
http://packetstormsecurity.org/files/112703/WordPress-WP-Forum-Server-1.7.3-SQL-Injection-Cross-Site-Scripting.html | | 2024-08-06 |
http://wordpress.org/extend/plugins/forum-server/changelog | | 2016-12-08 |
http://secunia.com/advisories/49155 | | 2016-12-08 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Vasthtml | Forumpress | <= 1.7.4 | wordpress | Affected |
Vasthtml | Forumpress | 1.0 | wordpress | Affected |
Vasthtml | Forumpress | 1.1 | wordpress | Affected |
Vasthtml | Forumpress | 1.2 | wordpress | Affected |
Vasthtml | Forumpress | 1.3 | wordpress | Affected |
Vasthtml | Forumpress | 1.4 | wordpress | Affected |
Vasthtml | Forumpress | 1.5 | wordpress | Affected |
Vasthtml | Forumpress | 1.5.1 | wordpress | Affected |
Vasthtml | Forumpress | 1.5.2 | wordpress | Affected |
Vasthtml | Forumpress | 1.6 | wordpress | Affected |
Vasthtml | Forumpress | 1.6.2 | wordpress | Affected |
Vasthtml | Forumpress | 1.6.3 | wordpress | Affected |
Vasthtml | Forumpress | 1.6.4 | wordpress | Affected |
Vasthtml | Forumpress | 1.6.5 | wordpress | Affected |
Vasthtml | Forumpress | 1.6.6 | wordpress | Affected |
Vasthtml | Forumpress | 1.6.7 | wordpress | Affected |
Vasthtml | Forumpress | 1.6.8 | wordpress | Affected |
Vasthtml | Forumpress | 1.6.9 | wordpress | Affected |
Vasthtml | Forumpress | 1.7 | wordpress | Affected |
Vasthtml | Forumpress | 1.7.1 | wordpress | Affected |
Vasthtml | Forumpress | 1.7.2 | wordpress | Affected |
Vasthtml | Forumpress | 1.7.3 | wordpress | Affected |