Описание
Cross-site scripting (XSS) vulnerability in the search feature in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
Cross-site scripting (XSS) vulnerability in the search feature in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-2280
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91830
- http://archives.neohapsis.com/archives/bugtraq/2014-03/0101.html
- http://packetstormsecurity.com/files/125726
- http://secunia.com/advisories/57475
- http://sourceforge.net/p/seeddms/code/ci/master/tree/CHANGELOG
Связанные уязвимости
nvd
почти 12 лет назад
Cross-site scripting (XSS) vulnerability in the search feature in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.