Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval.
CPE | Name | Operator | Version |
---|---|---|---|
escan_management_console | eq | 14.0.1400.2281 |