Cross-site scripting (XSS) vulnerability in Roy Tanck tagcloud.swf, as used in the WP-Cumulus plugin before 1.23 for WordPress and the Joomulus module 2.0 and earlier for Joomla!, allows remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action. Cross-site scripting (XSS) vulnerability in tagcloud.swf in the WP-Cumulus Plug-in before 1.23 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tagcloud parameter.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2009-12-02 10:30
Updated : 2018-10-10 12:48
NVD link : CVE-2009-4168
Mitre link : CVE-2009-4168
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
roytanck
- wp-cumulus
wordpress
- wordpress