Cross-site scripting (XSS) vulnerability in index.php in Digital Signage Xibo 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the layout parameter in the layout page.
References
Configurations
History
21 Nov 2024, 01:56
Type | Values Removed | Values Added |
---|---|---|
References | () http://infosec42.blogspot.com/2013/08/exploit-xibo-digital-signage-sql.html - Exploit |
Information
Published : 2014-01-29 18:55
Updated : 2024-11-21 01:56
NVD link : CVE-2013-4888
Mitre link : CVE-2013-4888
CVE.ORG link : CVE-2013-4888
JSON object : View
Products Affected
springsignage
- xibo
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')