CVE-2012-3522: GeSHi vulnerable to Cross-site Scripting
(updated )
Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in GeSHi before 1.0.8.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
- github.com/GeSHi/geshi-1.0
- github.com/advisories/GHSA-f3f3-5q5j-6v47
- lists.fedorahosted.org/archives/list/package-announce@lists.fedoraproject.org/message/AE33KOZ42XXG6DSH5SNGOTC3NS7FWZ2I
- lists.fedorahosted.org/archives/list/package-announce@lists.fedoraproject.org/message/H2R65LEAIDK6I53IYGZWDCRETBYKNUKF
- lists.fedorahosted.org/archives/list/package-announce@lists.fedoraproject.org/message/JA5TA3T7AJXWM4QMI62LMGW62WZUULGB
- nvd.nist.gov/vuln/detail/CVE-2012-3522
Code Behaviors & Features
Detect and mitigate CVE-2012-3522 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →