Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters.
CPE | Name | Operator | Version |
---|---|---|---|
online_birth_certificate_system | eq | 1.2 |