Multiple cross-site scripting (XSS) vulnerabilities in sample.php in WiKID wClient-PHP 3.0-2 and earlier allow remote attackers to inject arbitrary web script or HTML via the PHP_SELF variable.
CPE | Name | Operator | Version |
---|---|---|---|
wclient-php | eq | 3.0.1 | |
wclient-php | eq | <= 3.0-2 |