2 matches found
[iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin
Design-Approval-System Wordpress plugin XSS vendor product description A system to streamline the process of getting designs, photos, documents, videos or music approved by clients quickly. Bug Description The walkthrouth web page does not validate the step parameter leading to a Cross-site...
CVE-2013-5711
Design Approval System WordPress plugin (before 3.7) is affected by an XSS in admin/walkthrough/walkthrough.php via the step parameter. The vulnerability allows remote attackers to inject arbitrary script/HTML. Public references include PoC payloads and vendor notes; patches were released to fix ...