Description

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue.

Remediation

References

CVE-2012-2965

Related Vulnerabilities

WordPress Plugin MicroCopy SQL Injection (1.1.0)

WordPress Plugin Cookie Consent for WP-Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) Cross-Site Scripting (3.2.0)

Magento CVE-2021-36021 Vulnerability (CVE-2021-36021)

Play Framework Data Amplification Vulnerability (CVE-2020-28923)

Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336)

Severity

High

Classification

CVE-2012-2965 CWE-20

Tags

Missing Update Known Vulnerabilities