2 matches found
CVE-2010-3463
SantaFox 2.02 (and possibly earlier) is vulnerable to a Cross-site Scripting (XSS) flaw in modules/search/search.class.php, exploitable via the search parameter to search.html. The root cause is insufficient input sanitation in the search parameter, allowing remote attackers to inject arbitrary H...
CVE-2010-3463
Cross-site scripting XSS vulnerability in modules/search/search.class.php in SantaFox 2.02, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the search parameter to search.html...