Description
wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Responsive Preview Cross-Site Scripting (1.1)
MySQL CVE-2017-3635 Vulnerability (CVE-2017-3635)
WordPress Plugin Video.js-HTML5 Video Player for Wordpress Cross-Site Scripting (4.5.0)
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-44854)
WordPress Plugin Fileviewer Cross-Site Request Forgery (2.2)