3 matches found
CVE-2018-9928
Cross-site scripting XSS vulnerability in save.php in MetInfo 6.0 allows remote attackers to inject arbitrary web script or HTML via the webname or weburl parameter...
CVE-2018-9928
Cross-site scripting XSS vulnerability in save.php in MetInfo 6.0 allows remote attackers to inject arbitrary web script or HTML via the webname or weburl parameter...
CVE-2018-9928
CVE-2018-9928 is a Cross-site scripting (XSS) vulnerability in MetInfo 6.0, located in save.php, allowing remote attackers to inject arbitrary script via the webname or weburl parameters. Affected software: MetInfo 6.0 (save.php). Root cause: unsanitized user input in webname/weburl leading to sc...