First published: Wed Mar 12 2014(Updated: )
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3, allows remote attackers to inject arbitrary web script or HTML via the get-data parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Blair Williams Pretty Link Lite | <=1.6.2 | |
Blair Williams Pretty Link Lite | =1.6.0 | |
Blair Williams Pretty Link Lite | =1.6.1 | |
Joobi Com Jnews | =8.0.1 | |
Civicrm Civicrm | =3.1.0 | |
Civicrm Civicrm | =3.1.1 | |
Civicrm Civicrm | =3.1.2 | |
Civicrm Civicrm | =3.1.3 | |
Civicrm Civicrm | =3.1.4 | |
Civicrm Civicrm | =3.1.5 | |
Civicrm Civicrm | =3.1.6 | |
Civicrm Civicrm | =3.2.0 | |
Civicrm Civicrm | =3.2.1 | |
Civicrm Civicrm | =3.2.2 | |
Civicrm Civicrm | =3.2.3 | |
Civicrm Civicrm | =3.2.4 | |
Civicrm Civicrm | =3.2.5 | |
Civicrm Civicrm | =3.3.0 | |
Civicrm Civicrm | =3.3.1 | |
Civicrm Civicrm | =3.3.2 | |
Civicrm Civicrm | =3.3.3 | |
Civicrm Civicrm | =3.3.5 | |
Civicrm Civicrm | =3.3.6 | |
Civicrm Civicrm | =3.4.0 | |
Civicrm Civicrm | =4.0.5 | |
Civicrm Civicrm | =4.1.0 | |
Civicrm Civicrm | =4.1.1 | |
Civicrm Civicrm | =4.1.2 | |
Civicrm Civicrm | =4.1.3 | |
Civicrm Civicrm | =4.1.4 | |
Civicrm Civicrm | =4.1.5 | |
Civicrm Civicrm | =4.1.6 | |
Civicrm Civicrm | =4.2.0 | |
Civicrm Civicrm | =4.2.1 | |
Civicrm Civicrm | =4.2.2 | |
Civicrm Civicrm | =4.2.4 | |
Civicrm Civicrm | =4.2.5 | |
Civicrm Civicrm | =4.2.6 | |
Civicrm Civicrm | =4.2.7 | |
Civicrm Civicrm | =4.2.8 | |
Civicrm Civicrm | =4.2.9 | |
Civicrm Civicrm | =4.3.0 | |
Civicrm Civicrm | =4.3.1 | |
Civicrm Civicrm | =4.3.2 | |
Civicrm Civicrm | =4.3.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.