2 matches found
Cloud4Wi Splash Portal Cross-Site Scripting Vulnerability
Cloud4Wi is a suite of customer Wi-Fi service platforms from Cloud4Wi, Inc. in the U.S. Splash Portal is one of the Wi-Fi portals. A cross-site scripting vulnerability exists in Splash Portal in Cloud4Wi versions prior to 5.9.7. A remote attacker can exploit this vulnerability to inject arbitrary...
CVE-2015-4699
Cross-site scripting XSS vulnerability in the Splash Portal in Cloud4Wi before 5.9.7 allows remote attackers to inject arbitrary web script or HTML via the recoveryMessage parameter to the default URI...