2 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Crafty Syntax Live Help CSLH before 2.14.6 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 livehelp.php, 2 userquestions.php, and 3 leavemessage.php. NOTE: the lostsheep.php vector is covered by...
CVE-2008-0848
Crafty Syntax Live Help (CSLH) is affected by CVE-2008-0848 due to an XSS vulnerability in lostsheep.php present in versions before 2.14.16. The entry states remote attackers can inject arbitrary script or HTML via unspecified vectors. The notes mention possible inaccuracies in the researcher’s v...