CVE-2012-2648

GoodReader <3.16 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser.

References (2)

Scores

EPSS 0.0020
EPSS Percentile 41.8%

Classification

CWE
CWE-79
Status published

Affected Products (50)

goodiware/goodreader < 3.16
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
goodiware/goodreader
... and 35 more

Timeline

Published Aug 07, 2012
Tracked Since Feb 18, 2026