Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2012-4532 - Vulnerability Database

Joomla

Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2012-4532

Medium

Reference: CVE-2012-4532

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-4532

Title: Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information.