CVE-2015-2781
CVE-2015-2781 describes a cross-site scripting (XSS) vulnerability in Hotspot Express hotEx Billing Manager 73, via the hotspotlogin.cgi parameter reply. A malicious user can inject script into pages viewed by other users; PoC shows script execution (e.g., alert(document.cookie)). The vulnerable ...