Cross site scripting

2012-08-1322:55:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.4%

JSON

Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
proman_xpresseq5.0.1

CPE	Name	Operator	Version
	proman_xpress	eq	5.0.1

References

secunia.com/advisories/49127

www.vulnerability-lab.com/get_content.php?id=512

www.exploit-db.com/exploits/18872