classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2013-01-27T22:00:00Z
Updated: 2013-01-27T22:00:00Z
Reserved: 2012-12-06T00:00:00Z
Link: CVE-2012-6112
JSON object: View
NVD Information
Status : Analyzed
Published: 2013-01-27T22:55:04.320
Modified: 2020-12-01T14:52:24.377
Link: CVE-2012-6112
JSON object: View
Redhat Information
No data.
CWE