Multiple cross-site scripting (XSS) vulnerabilities in the Customer Add module of Foxlor v0.10.16 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the name, firstname, or username input fields.
CPE | Name | Operator | Version |
---|---|---|---|
froxlor | eq | 0.10.0-rc2 | |
froxlor | eq | 0.9.28-rc1 | |
froxlor | eq | 0.9.34.2 | |
froxlor | eq | 0.9.27-rc1 | |
froxlor | eq | 0.9.24-rc1 | |
froxlor | eq | 0.9.33-rc2 | |
froxlor | eq | 0.10.13 | |
froxlor | eq | 0.9.35.1 | |
froxlor | eq | 0.9.30-rc1 | |
froxlor | eq | 0.9.39 |