RSS   Vulnerabilities for 'Spellchecker php'   RSS

2013-01-27
 
CVE-2012-6112

CWE-noinfo
 

 
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.

 

 >>> Vendor: Tinymce 5 Products
Tinymce
Spellchecker php
Media
Image manager
Color picker


Copyright 2024, cxsecurity.com

 

Back to Top