Cross site scripting
DISPUTED Multiple cross-site scripting XSS vulnerabilities in BluePay Manager 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML during a login action via the 1 Account Name and 2 Username field. NOTE: the vendor has disputed this vulnerability, saying that "it does not...