Description

Cross-site scripting (XSS) vulnerability in the update manager in Joomla! 2.5.x before 2.5.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2012-1612

Related Vulnerabilities

WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.7.22)

Check for apache versions up to 1.3.25, 2.0.38

WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.7)

PHP Other Vulnerability (CVE-2007-2844)

Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.15)

Severity

Medium

Classification

CVE-2012-1612 CWE-707

Tags

Missing Update Known Vulnerabilities