MidnightBSD

Advisories for german_spelling_dictionary_project

CVE-2018-12587 MEDIUM

A cross-site scripting (XSS) vulnerability was found in valeuraddons German Spelling Dictionary v1.3 (an Opera Browser add-on). Instead of providing text for a spelling check, remote attackers may inject arbitrary web script or HTML via the ajax query parameter in the URL Address Bar.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
german_spelling_dictionary_project german_spelling_dictionary 1.3