CVE-2012-6521

Name of the Vulnerable Software and Affected Versions Elefant CMS version 1.2.0

Description The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the id parameter to the "admin/versions" endpoint.

Recommendations For Elefant CMS version 1.2.0, avoid using the id parameter in the "admin/versions" endpoint until the issue is resolved. Consider restricting access to the admin/versions endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.