WordPress · Wordpress · CVE-2012-0287
**Name of the Vulnerable Software and Affected Versions**
WordPress versions 3.3.x through 3.3.0
**Description**
A cross-site scripting (XSS) issue exists due to improper handling of the query string in a POST operation by the "Duplicate comment detected" feature when Internet Explorer is used. This allows remote attackers to inject arbitrary web script or HTML.
**Recommendations**
For WordPress versions 3.3.x through 3.3.0, update to version 3.3.1 to resolve the issue.