CVE-2012-2399
Publication date 21 April 2012
Last updated 24 July 2024
Ubuntu priority
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different vulnerability than CVE-2012-3414.
Status
Package | Ubuntu Release | Status |
---|---|---|
wordpress | ||
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty | Not in release | |