4 matches found
CVE-2013-5744
CVE-2013-5744 affects Feng Office (2.3.2-rc and earlier). The issue is a Cross-Site Scripting (XSS) in the ref_[any] parameter passed to /index.php (e.g., ref_abc), caused by insufficient sanitisation of user-supplied data. Exploitation can lead to arbitrary HTML/JavaScript execution in the victi...
Cross-Site Scripting (XSS) in Feng Office
Advisory ID: HTB23174 Product: Feng Office Vendor: Secure Data SRL Vulnerable Versions: 2.3.2-rc and probably prior Tested Version: 2.3.2-rc Advisory Publication: September 18, 2013 without technical details Vendor Notification: September 18, 2013 Public Disclosure: October 9, 2013 Vulnerability...
Feng Office 2.3.2-rc Cross Site Scripting Vulnerability
Feng Office version 2.3.2-rc suffers from a cross site scripting vulnerability. Advisory ID: HTB23174 Product: Feng Office Vendor: Secure Data SRL Vulnerable Versions: 2.3.2-rc and probably prior Tested Version: 2.3.2-rc Advisory Publication: September 18, 2013 without technical details Vendor...
Feng Office 2.3.2-rc Cross Site Scripting
Advisory ID: HTB23174 Product: Feng Office Vendor: Secure Data SRL Vulnerable Versions: 2.3.2-rc and probably prior Tested Version: 2.3.2-rc Advisory Publication: September 18, 2013 without technical details Vendor Notification: September 18, 2013 Public Disclosure: October 9, 2013 Vulnerability...