BloodBank is a responsive blood bank and donor content management system (CMS). A cross-site scripting vulnerability exists in BloodBank version 1.1, which stems from a lack of effective filtering and escaping of user-supplied data in the file page.php, and can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted payload.
CPE | Name | Operator | Version |
---|---|---|---|
bloodbank bloodbank | eq | 1.1 |