CVE-2012-1018 – Joomla! Component Currency Converter 1.0.0 - 'from' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2012-1018

Cross-site scripting (XSS) vulnerability in includes/convert.php in D-Mack Media Currency Converter (mod_currencyconverter) module 1.0.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the from parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en includes/convert.php en el módulo D-Mack Media Currency Converter (mod_currencyconverter) v1.0.0 para Joomla! permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro from. • https://www.exploit-db.com/exploits/36659 http://dl.packetstormsecurity.net/1202-exploits/joomlacurrencyconverter-xss.txt http://www.securityfocus.com/bid/51804 https://exchange.xforce.ibmcloud.com/vulnerabilities/72917 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •