2 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in UserLand Manila allow remote attackers to inject arbitrary web script or HTML 1 via the referer parameter in sendMail, and via attributes of 2 the A element and certain other HTML elements in web pages edited with the editInBrowser module. NOTE...
CVE-2006-1769
CVE-2006-1769 affects UserLand Manila 9.5 and earlier, with XSS vulnerabilities that let remote attackers inject arbitrary script via (1) the mode parameter in msgReader$1 and (2) the end of the URI in viewDepartment$. The connected records also indicate overlap with CVE-2006-1903, which describe...