From time to time a vulnerability is fixed in a plugin without the discoverer putting out a report on the vulnerability and we will put out a post detailing the vulnerability so that we can provide our customers with more complete information on the vulnerability.
An advisory released by the JPCERT/CC and IPA states that a reflected cross-site scripting (XSS) vulnerability had
Source: Security Feed