AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2011-5042: Cross-site scripting (XSS) vulnerability in inc/lib/lib.base.php in SASHA 0.2.0 allows remote attackers to inject arbitr

infovulnerability

security

Source: NVD/CVE DatabaseDecember 30, 2011CVE-2011-5042

Summary

SASHA 0.2.0 contains a cross-site scripting (XSS) vulnerability, a type of security flaw where attackers can inject malicious code into web pages, in its lib.base.php file through the instructors parameter. This allows attackers to inject arbitrary web scripts or HTML code that could compromise users visiting the affected application.

Vulnerability Details

CVSS Score

4.3

EPSS (30-day exploit probability)

EPSS: 0.3%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-79

CAPEC (Attack Pattern)

CAPEC-198 CAPEC-86

Original source: https://nvd.nist.gov/vuln/detail/CVE-2011-5042

First tracked: February 15, 2026 at 08:37 PM

Classified by LLM (prompt v3) · confidence: 95%