Description
wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
Remediation
References
Related Vulnerabilities
Internet Information Services Other Vulnerability (CVE-2000-0884)
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-21336)
Apache HTTP Server CVE-2002-0839 Vulnerability (CVE-2002-0839)
Python Inefficient Regular Expression Complexity Vulnerability (CVE-2024-7592)
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8379)