CVE-2011-0772

Multiple cross-site scripting XSS vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the 1 color parameter to includes/blogroll.php or 2 src parameter to includes/timwrapper.php...

CVE-2011-0772

PivotX is affected by CVE-2011-0772: multiple XSS vulnerabilities in PivotX 2.2.0 and possibly earlier versions before 2.2.2. The root cause is insufficient input sanitization in two parameters: color in includes/blogroll.php and src in includes/timwrapper.php, allowing remote attackers to inject...