CVE-2015-1373

2015-01-27T15:04:31
ID CVE-2015-1373
Type cve
Reporter NVD
Modified 2015-01-27T21:24:27

Description

Multiple cross-site scripting (XSS) vulnerabilities in admin.php in ferretCMS 1.0.4-alpha allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter in a search request, (2) username in a login request, which is not properly handled when logging the event, or (3) page title in an insert action.