3 matches found
TangoCMS 'listeners.php' Cross Site Scripting Vulnerability
TangoCMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to...
CVE-2009-0862
Cross-site scripting XSS vulnerability in the hookcntrlrerroroutput function in modules/page/hooks/listeners.php in the admincp component in TangoCMS 2.2.x aka Eagle before 2.2.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details ar...
CVE-2009-0862
TangoCMS (admincp) is affected by a cross-site scripting (XSS) vulnerability in hook_cntrlr_error_output() inside modules/page/hooks/listeners.php, affecting TangoCMS 2.2.x prior to 2.2.4. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. OpenVAS re...