CVE-2012-5228 Information

Description

Cross-site scripting (XSS) vulnerability in admin/index.php in phplist 2.10.9 2.10.17 and possibly other versions before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the testtarget parameter. NOTE: some of these details are obtained from third party information.

Reference

http://osvdb.org/78548 http://secunia.com/advisories/47727 http://www.exploit-db.com/exploits/18419 http://www.securityfocus.com/bid/51681 https://exchange.xforce.ibmcloud.com/vulnerabilities/72747