Cross site scripting

Cross-site scripting XSS vulnerability in index.php in CedStat 1.31 allows remote attackers to inject arbitrary web script or HTML via the hier parameter...

CVE-2007-1020

CVE-2007-1020 affects CedStat 1.31, with an XSS flaw in index.php exploited via the hier parameter. The root cause is insufficient sanitization allowing remote script injection. Impact per CVSS 2.0: Partial confidentiality, integrity, and availability (base score 6.8). Connected documents provide...