2 matches found
CVE-2009-4168
Cross-site scripting XSS vulnerability in Roy Tanck tagcloud.swf, as used in the WP-Cumulus plugin before 1.23 for WordPress and the Joomulus module 2.0 and earlier for Joomla!, allows remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action. Cross-site...
CVE-2009-4168
CVE-2009-4168 is an XSS in Roy Tanck tagcloud.swf used by WP-Cumulus plugin (WordPress) and Joomulus module; tagcloud parameter in a tags action enables remote script/HTML injection. Affected: WP-Cumulus before 1.23 and Joomulus 2.0 and earlier. Root cause: tagcloud.swf parameter handling allows ...