Multiple XSS in Dotclear 2.4.1.2

No description provided by source. Advisory ID: HTB23074 Product: Dotclear Vendor: Dotclear Vulnerable Versions: 2.4.1.2 and probably prior Tested Version: 2.4.1.2 Vendor Notification: 8 February 2012 Vendor Patch: 9 February 2012 Public Disclosure: 29 February 2012 Vulnerability Type: Cross Site...

Dotclear 2.4.1.2 - admincomments.php Multiple Cross-Site Scripting Vulnerabilities

Dotclear 2.4.1.2 - admincomments.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/52221/info Dotclear is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issu...

Dotclear 2.4.1.2 - '/admin/blogs.php?nb' Cross-Site Scripting

source: https://www.securityfocus.com/bid/52221/info Dotclear is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Dotclear 2.4.1.2 - '/admin/auth.php?login_data' Cross-Site Scripting

source: https://www.securityfocus.com/bid/52221/info Dotclear is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...