Cross-site scripting vulnerability in OneThird CMS v1.73 Heavenβs Door and earlier allows remote attackers to inject arbitrary web script or HTML via contact.php.
[
{
"product": "OneThird CMS",
"vendor": "SpiQe Software",
"versions": [
{
"status": "affected",
"version": "v1.73 Heaven's Door and earlier"
}
]
}
]