3 matches found
CVE-2016-6133
Cross-site scripting XSS vulnerability in Ektron Content Management System before 9.1.0.184SP39.1.0.184.3.127 allows remote attackers to inject arbitrary web script or HTML via the rptStatus parameter in a Report action to WorkArea/SelectUserGroup.aspx...
CVE-2016-6133
CVE-2016-6133 is an XSS vulnerability in Ektron Content Management System (pre-9.1.0.184SP3 / 9.1.0.184.3.127) where an attacker can inject arbitrary script via the rptStatus parameter in WorkArea/SelectUserGroup.aspx. Public details (PacketStorm) show affected version 9.10SP1 (build 9.1.0.184) a...
Ektron CMS 9.10SP1 Cross Site Scripting
Vulnerability type: Cross Site Scripting Vendor: Ektron Product: Ektron Content Management System Affected version: 9.10SP1Build 9.1.0.184 Patched version: 9.1.0.184SP39.1.0.184.3.127 Credit: Siyavash Ghasseminia, Edmund Goh CVE ID: CVE-2016-6133 PROOF OF CONCEPT Vulnerable URL:...