CVE-2012-10007

Name of the Vulnerable Software and Affected Versions madgicweb BuddyStream Plugin versions up to 3.2.7

Description A vulnerability was found in the madgicweb BuddyStream Plugin. It has been declared as problematic. The issue affects an unknown functionality of the file ShareBox.php. The manipulation of the content/link/shares argument leads to cross-site scripting. The attack can be launched remotely. Upgrading to version 3.2.8 is able to address this issue.

Recommendations For madgicweb BuddyStream Plugin versions up to 3.2.7, upgrade to version 3.2.8 to address the issue. As a temporary workaround, consider restricting access to the ShareBox.php file until the upgrade is applied. Avoid using the content/link/shares argument in the affected functionality until the issue is resolved.