2 matches found
CVE-2009-4473
CVE-2009-4473: Concrete XSS vulnerabilities in Ektron CMS400.NET (WorkArea/ContentDesigner/ekformsiframe.aspx) due to improper sanitization of user-supplied input. Affects Ektron CMS400.NET versions 7.6.1.53 and 7.6.6.47, and possibly 7.52 through 7.66sp2. Attacker can inject arbitrary script/HTM...
CVE-2009-4473
Multiple cross-site scripting XSS vulnerabilities in WorkArea/ContentDesigner/ekformsiframe.aspx in Ektron CMS400.NET 7.6.1.53 and 7.6.6.47, and possibly 7.52 through 7.66sp2, allow remote attackers to inject arbitrary web script or HTML via the 1 css, 2 eca, 3 id, and 4 skin parameters. NOTE: so...