< Back to JetLib.com

jetlib.sec » Bugtraq » 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977)

« Expand/Collapse

Bugtraq

February 17, 2012
0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977)

Posted: February 17th, 2012, 8:36am PST

Tags:

Posted by Kousuke Ebihara on Feb 17
I've reported the following XSS vulnerability in cforms II. This vulnerability has been fixed on February 14, 2012 by
its developer.

WordPress cformsII Plugin "rs" Cross-Site Scripting Vulnerability - Secunia.com
http://secunia.com/advisories/47984/

You might see this is a normal XSS vulnerability, but this isn't.

Because EXPLOIT CODE IS PUBLISHED AS 0-DAY ON Oct 30, 2010 in this list!

Are you puzzled?

Actually, the...

← [Spam] Skype v5.6.59.x - Memory Corr... Re: Fwd: 0-DAY XSS of cforms II is no... →