CVE-2012-4004

medium

Description

Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allows remote attackers to inject arbitrary web script or HTML via a crafted application that interacts with an unspecified Sleipnir Mobile function.

References

https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir_black

https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir

http://jvndb.jvn.jp/jvndb/JVNDB-2012-000076

http://jvn.jp/en/jp/JVN39519659/index.html

Details

Source: Mitre, NVD

Published: 2012-08-08

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00285