Patterninsight

patterninsight

5 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Pattern Insight

pattern_insight

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-4950 1Patterninsight 1Pattern Insight Apr 29, 2026 Nov 18, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly...Show more Cross-site scripting (XSS) vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages.Show less
CVE-2012-4938 1Patterninsight 1Pattern Insight Apr 29, 2026 Nov 18, 2012 N/A· v4 N/A· v3 3.5 LOW· v2 Cross-site scripting (XSS) vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message.
CVE-2012-4937 1Patterninsight 1Pattern Insight Apr 29, 2026 Nov 18, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsession_id cookie.
CVE-2012-4936 1Patterninsight 1Pattern Insight Apr 29, 2026 Nov 18, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element.
CVE-2012-4935 1Patterninsight 1Pattern Insight Apr 29, 2026 Nov 18, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users.