CVE-2012-4745
Acuity CMS 2.6.2 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in admin/login.asp in Acuity CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Aung Khant · textwebappsphp
https://www.exploit-db.com/exploits/37091
References (4)
Scores
EPSS
0.0508
EPSS Percentile
89.7%
Classification
CWE
CWE-79
Status
published
Affected Products (2)
the_collective/acuity_cms
n/a/n/a
Timeline
Published
Aug 31, 2012
Tracked Since
Feb 18, 2026