CVE-2013-6808

2013-12-28T04:53:00
ID CVE-2013-6808
Type cve
Reporter cve@mitre.org
Modified 2013-12-30T16:14:00

Description

Cross-site scripting (XSS) vulnerability in lib/NSSDropoff.php in ZendTo before 4.11-13 allows remote attackers to inject arbitrary web script or HTML via a modified emailAddr field to pickup.php.