2 matches found
CVE-2010-2038
Cross-site scripting XSS vulnerability in include/tool/editingfiles.php in gpEasy CMS 1.6.2 allows remote authenticated users, with Edit privileges, to inject arbitrary web script or HTML via the gpcontent parameter to index.php. NOTE: some of these details are obtained from third party informati...
CVE-2010-2038
gpEasy CMS 1.6.2 contains a Cross-site scripting (XSS) vulnerability in include/tool/editing_files.php, exploitable via the gpcontent parameter to index.php. An authenticated user with Edit privileges can inject arbitrary HTML/JavaScript, which executes in the browser of other users. The CVE entr...