Description
wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
Remediation
References
Related Vulnerabilities
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26116)
PostgreSQL Out-of-bounds Write Vulnerability (CVE-2015-0242)
WordPress Plugin IMPress for IDX Broker Unspecified Vulnerability (2.5.11)
MySQL CVE-2020-14848 Vulnerability (CVE-2020-14848)
Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-42097)