2 matches found
CVE-2013-4171
Apache Roller is affected by multiple XSS vulnerabilities in the search results templates for RSS/Atom feeds, affecting versions before 5.0.2. The issue allows remote attackers to inject arbitrary scripts/HTML. A fix is available in Roller 5.0.2 (vendor patch). If exploitation details are not dis...
CVE-2013-4171
Multiple cross-site scripting XSS vulnerabilities in Apache Roller before 5.0.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the search results in the 1 RSS and 2 Atom feed templates...