CVE-2012-0287
N/A
N/A
Summary
Cross-site scripting (XSS) vulnerability in wp-comments-post.php in WordPress 3.3.x before 3.3.1, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the query string in a POST operation that is not properly handled by the "Duplicate comment detected" feature.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securitytracker.com/id?1026542
- http://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html
- http://www.securityfocus.com/bid/51237
- https://wordpress.org/news/2012/01/wordpress-3-3-1/
References
- http://www.securitytracker.com/id?1026542
- http://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html
- http://www.securityfocus.com/bid/51237
- https://wordpress.org/news/2012/01/wordpress-3-3-1/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.