CVE-2012-4679
Newscoop <3.5.5 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the f_user_name parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by High-Tech Bridge SA · textwebappsphp
https://www.exploit-db.com/exploits/18752
References (6)
Scores
EPSS
0.1102
EPSS Percentile
93.4%
Classification
CWE
CWE-79
Status
published
Affected Products (6)
sourcefabric/newscoop
< 3.5.4
sourcefabric/newscoop
sourcefabric/newscoop
sourcefabric/newscoop
sourcefabric/newscoop
n/a/n/a
Timeline
Published
Aug 27, 2012
Tracked Since
Feb 18, 2026