4 matches found
WordPress vulnerable to cross-site scripting
Overview WordPress contains a cross-site scripting vulnerability due to an issue in the SWFUpload library. ma.la reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the...
WordPress < 3.5.2 Multiple Vulnerabilities
According to its version number, the WordPress install hosted on the remote web server is affected by multiple vulnerabilities : - The application contains a denial of service attack, affecting sites using password-protected posts. CVE-2013-2173 - The application is affected by a server-side...
FreeBSD : typo3 -- XSS Vulnerability in TYPO3 Core (c28ee9cd-916e-4dcf-8ed3-e97e5846db6c)
Typo3 Security Report TYPO3-CORE-SA-2012-003 : TYPO3 bundles and uses an external JavaScript and Flash Upload Library called swfupload. TYPO3 can be configured to use this Flash uploader. Input passed via the 'movieName' parameter to swfupload.swf is not properly sanitised before being used in a...
Cross-Site Scripting Vulnerability in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting. Component Type: TYPO3 Core Affected Versions: 4.5.0 up to 4.5.16, 4.6.0 up to 4.6.9, 4.7.0 up to 4.7.1 and development releases of the 6.0 branch. Bulletin history: July 4, 2012 - corrected Secunia Advisory ID Vulnerabl...