Vulnerabilities > Socialengine > Socialengine > 4.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-11 | CVE-2012-6721 | Cross-Site Request Forgery (CSRF) vulnerability in Socialengine 4.2.2 Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Forum, (2) Event, and (3) Classifieds plugins in SocialEngine before 4.2.4. | 6.8 |
| 2020-02-11 | CVE-2012-6720 | Cross-site Scripting vulnerability in Socialengine 4.2.2 Multiple cross-site scripting (XSS) vulnerabilities in SocialEngine before 4.2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to music/create, (2) location parameter to events/create, or (3) search parameter to widget/index/content_id/*. | 4.3 |