3 matches found
PivotX Multiple Vulnerabilities (Jul 2015)
PivotX is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:pivotx:pivotx"; if description...
CVE-2015-5456
Cross-site scripting XSS vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO, related to the "PHPSELF" variable and form actions...
CVE-2015-5456
PivotX is affected by CVE-2015-5456: an XSS in the form method (modules/formclass.php) present in PivotX versions before 2.3.11. The vulnerability is triggered via PATH_INFO (related to PHP_SELF) and form actions, allowing remote injection of script/html with no authentication. NVD notes CVSSv2 b...