2 matches found
CVE-2014-1456
Cross-site scripting XSS vulnerability in the login page in Open Web Analytics OWA before 1.5.6 allows remote attackers to inject arbitrary web script or HTML via the owauserid parameter to index.php...
CVE-2014-1456
Open Web Analytics (OWA) prior to version 1.5.6 is affected by CVE-2014-1456, a cross-site scripting (XSS) vulnerability in the login page. The issue allows injection of arbitrary script or HTML via the owa_user_id parameter to index.php, with impact described as partial integrity impact and no c...