{"id":"CVE-2012-1293","details":"Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the (1) to or (2) from parameters.","modified":"2026-04-10T03:42:15.547616Z","published":"2012-09-25T23:55:01Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/47971"},{"type":"ADVISORY","url":"http://www.debian.org/security/2012/dsa-2414"},{"type":"EVIDENCE","url":"http://www.openwall.com/lists/oss-security/2012/02/20/1"},{"type":"FIX","url":"http://fex.rus.uni-stuttgart.de/fex.html"},{"type":"WEB","url":"http://archives.neohapsis.com/archives/bugtraq/2012-02/0109.html"},{"type":"WEB","url":"http://archives.neohapsis.com/archives/bugtraq/2012-02/0112.html"},{"type":"WEB","url":"http://osvdb.org/79420"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2012/02/20/8"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2012/02/23/2"},{"type":"WEB","url":"http://www.securityfocus.com/bid/52085"}],"schema_version":"1.7.5"}