VDB
CVE-2012-4950
CVE-2012-4950
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Cross-site scripting (XSS) vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages.
EPSS 2.86% · 86.5th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
2.86%
86.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| patterninsight | pattern_insight | 2.3 |
Timeline
- Nov 18, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 17, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- pattern-insight-keyword-search-xss(79787) vdb
- VU#802596 third-party-advisory
- 87053 vdb
- 56381 vdb
- 51203 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2012-4950 advisory