Description

Cross-site scripting (XSS) vulnerability in concrete5 Japanese 5.5.1 through 5.5.2.1 and concrete5 English 5.5.0 through 5.6.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2012-5181

Related Vulnerabilities

WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads Multiple Vulnerabilities (2.2.4)

WordPress Plugin Service Finder-Provider and Business Listing Local File Disclosure (3.0)

WordPress Plugin Shortcoder-Create Shortcodes for Anything Security Bypass (6.3)

WordPress Plugin Quick Page/Post Redirect Open Redirect (5.1.5)

Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1165)

Severity

Medium

Classification

CVE-2012-5181 CWE-707

Tags

Missing Update Known Vulnerabilities