Description

Cross-site scripting (XSS) vulnerability in concrete5 Japanese 5.5.1 through 5.5.2.1 and concrete5 English 5.5.0 through 5.6.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2012-5181

Related Vulnerabilities

WordPress Plugin YITH WooCommerce Stripe Security Bypass (2.0.1)

WordPress Plugin Contact Form 7 Style Cross-Site Request Forgery (3.1.9)

WordPress 4.0.x Same Origin Method Execution (SOME) Vulnerability (4.0 - 4.0.10)

Atlassian Jira Missing Authorization Vulnerability (CVE-2019-8445)

WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.5)

Severity

Medium

Classification

CVE-2012-5181 CWE-707

Tags

Missing Update Known Vulnerabilities