Vulnerabilities (CVE)

Filtered by vendor Tinymce Subscribe
Filtered by product Spellchecker Php
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-6112 2 Moodle, Tinymce 2 Moodle, Spellchecker Php 2024-11-21 5.0 MEDIUM N/A
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string.