CVE-2012-6668

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Shout Reports in the DragonByte Technologies vBShout module before 6.0.6 for vBulletin allow remote attackers to inject arbitrary web script or HTML via the (1) reportreason parameter in actions/doreport.php or (2) modnotes parameter in actions/updatereport.php.

CVSS Version 3.0
CVSS Version 2.0

nvd
CVE ID: CVE-2012-6668
Base Score: 6.1
Base Severity: MEDIUM
Vector String:CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

nvd
CVE ID: CVE-2012-6668
Base Score: 4.3
Base Severity: MEDIUM
Vector String:AV:N/AC:M/Au:N/C:N/I:P/A:N

Refrence: NVD

Description​

Description