Multiple cross-site scripting (XSS) vulnerabilities in index.php in Rentventory 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) username (aka Login) and (2) password parameters in a login action.
CPE | Name | Operator | Version |
---|---|---|---|
rentventory | eq | 1.0.1 |