CVE-2009-2163
CVE-2009-2163 affects Sitecore CMS prior to version 6.0.2 Update-1 (090507), specifically the login/default.aspx path where the sc_error parameter can be exploited for cross-site scripting (XSS). The vulnerability allows remote attackers to inject arbitrary HTML/script into a user’s browser withi...