CVE-2018-12587
N/A
N/A
Summary
A cross-site scripting (XSS) vulnerability was found in valeuraddons German Spelling Dictionary v1.3 (an Opera Browser add-on). Instead of providing text for a spelling check, remote attackers may inject arbitrary web script or HTML via the ajax query parameter in the URL Address Bar.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://metamorfosec.com/Files/Advisories/METS-2018-003-A_XSS_Vulnerability_in_German_Spelling_Dictionary_1.3.txt
- https://www.openbugbounty.org/reports/610381/
References
- https://metamorfosec.com/Files/Advisories/METS-2018-003-A_XSS_Vulnerability_in_German_Spelling_Dictionary_1.3.txt
- https://www.openbugbounty.org/reports/610381/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.