2 matches found
CVE-2005-2282
WebEOC (before 6.0.2) contains multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary script/HTML via unknown vectors. The issue is addressed in version 6.0.2, which adds validation checks to vulnerable input fields. The CVE references come from multip...
WebEOC is vulnerable to cross-site scripting attacks
Overview WebEOC contains multiple cross-site scripting vulnerabilities that may allow a remote attacker to inject and execute arbitrary script using a vulnerable WebEOC site. Description WebEOC is a web-based crisis information management application that provides functions to gather, coordinate,...