3 matches found
CVE-2015-4699
Cross-site scripting XSS vulnerability in the Splash Portal in Cloud4Wi before 5.9.7 allows remote attackers to inject arbitrary web script or HTML via the recoveryMessage parameter to the default URI...
CVE-2015-4699
Cross-site scripting XSS vulnerability in the Splash Portal in Cloud4Wi before 5.9.7 allows remote attackers to inject arbitrary web script or HTML via the recoveryMessage parameter to the default URI...
CVE-2015-4699
The affected product is Cloud4Wi Splash Portal (before version 5.9.7). A Cross-Site Scripting (XSS) vulnerability exists in the Splash Portal that allows remote attackers to inject arbitrary web script or HTML by supplying malicious input to the recoveryMessage parameter in the default URI. This ...