6 matches found
CVE-2013-4899
Cross-site scripting XSS vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the gallery/ page...
CVE-2013-4899
CVE-2013-4899 concerns Twilight CMS (v5.17 and earlier). The issue is an XSS vulnerability where user-supplied data appended to "/gallery/" is insufficiently filtered, allowing a remote attacker to inject arbitrary script via PATH_INFO and execute in the context of a logged-in user. The advisory ...
Cross-Site Scripting (XSS) in Twilight CMS
Advisory ID: HTB23166 Product: Twilight CMS Vendor: Strata Technologies LLC Vulnerable Versions: 5.17 and probably prior Tested Version: 5.17 Vendor Notification: July 24, 2013 Vendor Patch: August 15, 2013 Public Disclosure: August 21, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...
Twilight CMS 5.17 Cross Site Scripting Vulnerability
Twilight CMS version 5.17 suffers from a cross site scripting vulnerability. Product: Twilight CMS Vendor: Strata Technologies LLC Vulnerable Versions: 5.17 and probably prior Tested Version: 5.17 Vendor Notification: July 24, 2013 Vendor Patch: August 15, 2013 Public Disclosure: August 21, 2013...
Twilight CMS 5.17 Cross Site Scripting
Advisory ID: HTB23166 Product: Twilight CMS Vendor: Strata Technologies LLC Vulnerable Versions: 5.17 and probably prior Tested Version: 5.17 Vendor Notification: July 24, 2013 Vendor Patch: August 15, 2013 Public Disclosure: August 21, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...
Cross-Site Scripting (XSS) in Twilight CMS
High-Tech Bridge Security Research Lab discovered vulnerability in Twilight CMS, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in Twilight CMS: CVE-2013-4899 The vulnerability exists due to insufficient filtration of user-supplied data appended to...