CVE-2015-2957
MilkyStep XSS (CVE-2015-2957) affects Igreks MilkyStep Light 0.94 and earlier and MilkyStep Professional 1.82 and earlier. The vulnerability is a cross-site scripting flaw (CWE-79) in the MilkyStep CGI for email newsletter management, arising from improper handling of input/output that allows rem...