Cross site scripting

2015-01-1311:59:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.0%

JSON

Cross-site scripting (XSS) vulnerability in includes/delete_img.php in the Joomlaskin JS Multi Hotel (aka JS MultiHotel and Js-Multi-Hotel) plugin 2.2.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the path parameter.

CPENameOperatorVersion
js_multi_hotelle2.2.1

CPE	Name	Operator	Version
	js_multi_hotel	le	2.2.1

References

packetstormsecurity.com/files/125959

websecurity.com.ua/7087/

exchange.xforce.ibmcloud.com/vulnerabilities/92207