CVE-2012-4004

Fenrir-inc Sleipnir Mobile < 2.2.0 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allows remote attackers to inject arbitrary web script or HTML via a crafted application that interacts with an unspecified Sleipnir Mobile function.

References (4)

[Third Party Advisory] http://jvn.jp/en/jp/JVN39519659/index.html

[Third Party Advisory] http://jvndb.jvn.jp/jvndb/JVNDB-2012-000076

[Various Sources] https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir

[Various Sources] https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir_black

Scores

EPSS 0.0029

EPSS Percentile 51.6%

Classification

CWE

CWE-79

Status published

Affected Products (39)

fenrir-inc/sleipnir_mobile < 2.2.0

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

fenrir-inc/sleipnir_mobile

... and 24 more

Timeline

Published Aug 08, 2012

Tracked Since Feb 18, 2026