5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.1%
Multiple cross-site scripting (XSS) vulnerabilities in aMember allow remote attackers to inject arbitrary web script or HTML via the (1) lamember_login parameter to sendpass.php and (2) login parameter to member.php.
securitytracker.com/id?1015208
www.osvdb.org/21012
www.osvdb.org/21013