CVE-2010-4630 Information

Description

Cross-site scripting (XSS) vulnerability in pages/admin/surveys/create.php in the WP Survey And Quiz Tool plugin 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter.

Reference

http://osvdb.org/69074 http://packetstormsecurity.org/1011-exploits/wpsurvey-xss.txt http://secunia.com/advisories/42196 http://www.johnleitch.net/Vulnerabilities/WordPress.Survery.And.Quiz.Tool.1.2.1.Reflected.Cross-site.Scripting/57 https://exchange.xforce.ibmcloud.com/vulnerabilities/63056