SA-CONTRIB-2012-172 - Zero Point - Cross Site Scripting (XSS)
Zero Point is an advanced theme which includes many options, ideal for a wide range of sites. The theme does not escape path aliases exposing a Cross site scripting XSS vulnerability in URLs. There are no mitigating factors. CVE: CVE-2012-5591 Versions affected zeropoint 6.x-1.x versions prior to...