Cross site scripting

2009-07-2416:30:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type PHP Clone Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php.

References

osvdb.org/56167

osvdb.org/56168

osvdb.org/56169

packetstormsecurity.org/0907-exploits/hotscriptsclone-xss.txt

secunia.com/advisories/35892

www.vupen.com/english/advisories/2009/1979

exchange.xforce.ibmcloud.com/vulnerabilities/51911