Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus CMS 4.7.0 allows remote authenticated users, with "Article list" edit privileges, to inject arbitrary web script or HTML via the pealkiri parameter.
References
Configurations
History
No history.
Information
Published : 2010-05-20 17:30
Updated : 2024-02-28 11:41
NVD link : CVE-2010-1997
Mitre link : CVE-2010-1997
CVE.ORG link : CVE-2010-1997
JSON object : View
Products Affected
saurus
- saurus_cms
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')