silverstripeCMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2012-0976
Reference:
CVE-2012-0976
Title:
silverstripeCMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:
Cross-site scripting (XSS) vulnerability in admin/EditForm in SilverStripe 2.4.6 allows remote authenticated users with Content Authors privileges to inject arbitrary web script or HTML via the Title parameter. NOTE: some of these details are obtained from third party information.