3 matches found
Jamroom 5.0.2 Cross Site Scripting Vulnerability
Jamroom version 5.0.2 suffers from a cross site scripting vulnerability. Product: Jamroom Vendor: Talldude Networks, LLC Vulnerable Versions: 5.0.2 and probably prior Tested Version: 5.0.2 Advisory Publication: November 13, 2013 without technical details Vendor Notification: November 13, 2013...
Jamroom 5.0.2 Cross Site Scripting
Advisory ID: HTB23184 Product: Jamroom Vendor: Talldude Networks, LLC Vulnerable Versions: 5.0.2 and probably prior Tested Version: 5.0.2 Advisory Publication: November 13, 2013 without technical details Vendor Notification: November 13, 2013 Vendor Patch: November 13, 2013 Public Disclosure:...
CVE-2013-6804
Jamroom is affected by a Cross-Site Scripting (XSS) vulnerability in the Search module prior to version 1.1.1. The issue arises from insufficient sanitisation of the HTTP POST parameter search_string sent to /search/results/all/1/4, allowing remote attackers to inject arbitrary HTML/JavaScript. T...