Sockso · Sockso · CVE-2012-4267
**Name of the Vulnerable Software and Affected Versions**
Sockso versions 1.5 and earlier
**Description**
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `name` parameter in the "user/register" endpoint.
**Recommendations**
For Sockso versions 1.5 and earlier, update to a version later than 1.5 to resolve the issue.