2 matches found
CVE-2009-4744
Cross-site scripting XSS vulnerability in the Contact module in Exponent CMS 0.97-GA20090213 allows remote attackers to inject arbitrary web script or HTML via the email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-4744
The CVE-2009-4744 entry describes a cross-site scripting (XSS) vulnerability in the Contact module of Exponent CMS 0.97-GA20090213, exploitable via the email parameter to inject arbitrary script/HTML. The issue is remote in nature and could allow user-interface manipulation through crafted input....