Candidate: CVE-2012-4000
PublicDate: 2012-07-12 21:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4000
Description:
 Cross-site scripting (XSS) vulnerability in the print_textinputs_var
 function in
 editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php
 in FCKeditor 2.6.7 and earlier allows remote attackers to inject arbitrary
 web script or HTML via textinputs array parameters.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_fckeditor:
 vendor: http://www.debian.org/security/2012/dsa-2522
upstream_fckeditor: released (1:2.6.6-3)
hardy_fckeditor: ignored (reached end-of-life)
lucid_fckeditor: ignored (reached end-of-life)
natty_fckeditor: released (1:2.6.6-1squeeze1build0.11.04.1)
oneiric_fckeditor: released (1:2.6.6-1squeeze1build0.11.10.1)
precise_fckeditor: released (1:2.6.6-1squeeze1build0.12.04.1)
quantal_fckeditor: not-affected (1:2.6.6-3)
raring_fckeditor: not-affected (1:2.6.6-3)
saucy_fckeditor: not-affected (1:2.6.6-3)
devel_fckeditor: not-affected (1:2.6.6-3)