CVE-2018-12587

Name of the Vulnerable Software and Affected Versions valeuraddons German Spelling Dictionary version 1.3

Description A cross-site scripting issue was discovered, allowing remote attackers to inject arbitrary web script or HTML via the ajax query parameter in the URL Address Bar, potentially leading to unauthorized actions.

Recommendations For valeuraddons German Spelling Dictionary version 1.3, as a temporary workaround, consider restricting access to the ajax query parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.