3 matches found
CVE-2013-3635
ProjectPier 0.8.8 has stored XSS...
CVE-2013-3635
CVE-2013-3635 affects ProjectPier 0.8.8. The vulnerability is a stored cross-site scripting (XSS) flaw in the application, with the XSS payloads reported in fields such as Contact Name, Contact Company Name, and Contact Description. Multiple connected sources corroborate that this vulnerability c...
Re: Project Pier Web Vulnerabilities
Mitre has assigned the following CVE's for these issues in Project Pier: XSS: CVE-2013-3635 Session cookies lack HttpOnly flag: CVE-2013-3636 Session cookies lack Secure flag: CVE-2013-3637 On Tue, May 21, 2013 at 9:26 PM, the infinitenigma [email protected] wrote: Summary...