3 matches found
zTree Cross Site Scripting Vulnerability
zTree is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ztreeproject:ztree";...
CVE-2015-7348
CVE-2015-7348 affects zTree, specifically version 3.5.19.1 (and possibly earlier). The vulnerability is a cross-site scripting (XSS) flaw in the demo/en/asyncData/getNodesForBigData.php handler, triggered via the id parameter. Root cause is improper input handling that allows injection of arbitra...
zTree 3.5.19.1 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Information -------------------- Advisory by Netsparker. Name: Multiple XSS Vulnerabilities in zTree v3 Affected Software : zTree Affected Versions: v3.5.19.1 and possibly below Vendor Homepage : https://github.com/zTree/zTreev3 Vulnerability...