Description

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue.

Remediation

References

CVE-2012-2965

Related Vulnerabilities

Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-38901)

Oracle Database Server CVE-2008-0340 Vulnerability (CVE-2008-0340)

WordPress Plugin WP-UserOnline Cross-Site Scripting (2.88.0)

WordPress Plugin Theme Test Drive Multiple Vulnerabilities (2.9)

WordPress Plugin Acunetix WP Security Cross-Site Request Forgery (4.0.4)

Severity

High

Classification

CVE-2012-2965 CWE-20

Tags

Missing Update Known Vulnerabilities