Description

Cross-site scripting (XSS) vulnerability in the update manager in Joomla! 2.5.x before 2.5.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2012-1612

Related Vulnerabilities

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4549)

WordPress 4.7.x Cross-Domain Flash Injection Vulnerability (4.7 - 4.7.8)

WordPress Plugin Eventify-Simple Events 'fetcheventdetails.php' SQL Injection (1.7.f)

WordPress Plugin Ad Manager by WD-Advanced Ad Manager Multiple Vulnerabilities (1.0.11)

WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.13)

Severity

Medium

Classification

CVE-2012-1612 CWE-707

Tags

Missing Update Known Vulnerabilities