Multiple cross-site scripting (XSS) vulnerabilities in the Customer Add module of Foxlor v0.10.16 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the name, firstname, or username input fields.
CPE | Name | Operator | Version |
---|---|---|---|
froxlor/froxlor | eq | 0.10.16 |