Description
Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
Remediation
References
Related Vulnerabilities
WordPress Plugin Feedweb Cross-Site Scripting (2.4)
WordPress Plugin Afterpay Gateway for WooCommerce Cross-Site Scripting (3.2.0)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-4962)
WordPress Plugin WordPress for Google Maps-WP MAPS Cross-Site Request Forgery (4.2.3)