2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the login page in Lxlabs HyperVM 2.0 allows remote attackers to inject arbitrary web script or HTML via the frmemessage parameter, a different vector than CVE-2006-6649. NOTE: the provenance of this information is unknown; the details are obtained solely...
CVE-2006-6649
CVE-2006-6649 describes a cross-site scripting (XSS) vulnerability in display.php of HyperVM 1.2 and earlier, exploitable via an encoded frm_action parameter. The weakness is disclosed in the CVE entry, which notes that the vendor disputes the issue and that the dispute could concern severity or ...