Candidate: CVE-2012-0287
PublicDate: 2012-01-06 04:01:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0287
 http://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html
 https://wordpress.org/news/2012/01/wordpress-3-3-1/
Description:
 Cross-site scripting (XSS) vulnerability in wp-comments-post.php in
 WordPress 3.3.x before 3.3.1, when Internet Explorer is used, allows remote
 attackers to inject arbitrary web script or HTML via the query string in a
 POST operation that is not properly handled by the "Duplicate comment
 detected" feature.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: 
CVSS: 

Patches_wordpress:
upstream_wordpress: released (3.3.1)
hardy_wordpress: ignored (reached end-of-life)
lucid_wordpress: ignored (reached end-of-life)
maverick_wordpress: ignored (reached end-of-life)
natty_wordpress: ignored (reached end-of-life)
oneiric_wordpress: ignored (reached end-of-life)
precise_wordpress: not-affected (3.3.1+dfsg-1)
quantal_wordpress: not-affected (3.3.2+dfsg-1)
raring_wordpress: not-affected (3.3.2+dfsg-1)
saucy_wordpress: not-affected (3.3.2+dfsg-1)
devel_wordpress: not-affected (3.3.2+dfsg-1)