6 matches found
CVE-2013-1466
CVE-2013-1466 affects glFusion (CMS) prior to 1.2.2.pl4 with multiple cross-site scripting (XSS) vulnerabilities. The flaw allows remote attackers to inject arbitrary HTML/JavaScript via user-supplied fields in several pages: profiles.php (subject), calendar/index.php (address1, address2, calenda...
Multiple Cross-Site Scripting (XSS) in glFusion
Advisory ID: HTB23142 Product: glFusion Vendor: http://www.glfusion.org/ Vulnerable Versions: 1.2.2 and probably prior Tested Version: 1.2.2 Vendor Notification: January 30, 2013 Vendor Patch: January 30, 2013 Public Disclosure: February 20, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CV...
glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities
Advisory ID: HTB23142 Product: glFusion Vendor: http://www.glfusion.org/ Vulnerable Versions: 1.2.2 and probably prior Tested Version: 1.2.2 Vendor Notification: January 30, 2013 Vendor Patch: January 30, 2013 Public Disclosure: February 20, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CV...
glFusion 1.2.2 Cross Site Scripting
Advisory ID: HTB23142 Product: glFusion Vendor: http://www.glfusion.org/ Vulnerable Versions: 1.2.2 and probably prior Tested Version: 1.2.2 Vendor Notification: January 30, 2013 Vendor Patch: January 30, 2013 Public Disclosure: February 20, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CV...
glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities
glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities Advisory ID: HTB23142 Product: glFusion Vendor: http://www.glfusion.org/ Vulnerable Versions: 1.2.2 and probably prior Tested Version: 1.2.2 Vendor Notification: January 30, 2013 Vendor Patch: January 30, 2013 Public Disclosure:...
glFusion 1.2.2 Cross Site Scripting Vulnerability
glFusion version 1.2.2 suffers from multiple cross site scripting vulnerabilities. Product: glFusion Vendor: http://www.glfusion.org/ Vulnerable Versions: 1.2.2 and probably prior Tested Version: 1.2.2 Vendor Notification: January 30, 2013 Vendor Patch: January 30, 2013 Public Disclosure: Februar...