Описание
GeSHi vulnerable to Cross-site Scripting
Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in GeSHi before 1.0.8.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-3522
- https://lists.fedorahosted.org/archives/list/package-announce@lists.fedoraproject.org/message/AE33KOZ42XXG6DSH5SNGOTC3NS7FWZ2I
- https://lists.fedorahosted.org/archives/list/package-announce@lists.fedoraproject.org/message/H2R65LEAIDK6I53IYGZWDCRETBYKNUKF
- https://lists.fedorahosted.org/archives/list/package-announce@lists.fedoraproject.org/message/JA5TA3T7AJXWM4QMI62LMGW62WZUULGB
- http://sourceforge.net/p/geshi/code/2508
- http://www.openwall.com/lists/oss-security/2012/08/21/11
Пакеты
Наименование
geshi/geshi
composer
Затронутые версииВерсия исправления
< 1.0.8.11
1.0.8.11
Связанные уязвимости
ubuntu
больше 11 лет назад
Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in GeSHi before 1.0.8.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
больше 11 лет назад
Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in GeSHi before 1.0.8.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
debian
больше 11 лет назад
Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in GeS ...