Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser.
No CVSS v3.1
No CVSS v3.0
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact None
AV:N/AC:M/Au:N/C:N/I:P/A:N
Vendors | Products |
---|---|
Apple |
|
Goodiware |
|
Configuration 1 [-]
AND |
|
Configuration 2 [-]
AND |
|
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2022-10-03T16:15:35
Updated: 2022-10-03T16:15:35
Reserved: 2022-10-03T00:00:00
Link: CVE-2012-2648
JSON object: View
NVD Information
Status : Analyzed
Published: 2012-08-07T19:55:02.187
Modified: 2022-08-09T13:49:00.607
Link: CVE-2012-2648
JSON object: View
Redhat Information
No data.
CWE