4 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in dotProject before 2.1 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2006-2851 and CVE-2006-3240...
CVE-2007-3226
Cross-site scripting XSS vulnerability in dotProject before 2.1 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2006-2851 and CVE-2006-3240...
CVE-2006-3240
Cross-site scripting XSS vulnerability in classes/ui.class.php in dotProject 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter...
CVE-2006-3240
CVE-2006-3240 is an XSS vulnerability in dotProject prior to 2.0.4 (2.0.3 and earlier) affecting the login flow via the login parameter in classes/ui.class.php. The underlying issue is a cross-site scripting exposure that could allow remote attackers to inject arbitrary script/HTML into a user’s ...