Cross-site scripting (XSS) vulnerability in edit1.php in Telephone Directory 2008 allows remote attackers to inject arbitrary web script or HTML via the action parameter.
References
Configurations
History
No history.
Information
Published : 2008-06-12 12:21
Updated : 2024-02-28 11:21
NVD link : CVE-2008-2677
Mitre link : CVE-2008-2677
CVE.ORG link : CVE-2008-2677
JSON object : View
Products Affected
telephone
- telephone_directory_2008
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')