4 matches found
Cross-Site Scripting in bootstrap-tagsinput
All versions of bootstrap-tagsinput are vulnerable to cross-site scripting when user input is passed into the itemTitle parameter unmodified, as the package fails to properly sanitize or encode user input for that parameter. Recommendation This package is not actively maintained, and has not seen...
Cross-Site Scripting
Overview All versions of bootstrap-tagsinput are vulnerable to cross-site scripting when user input is passed into the itemTitle parameter unmodified, as the package fails to properly sanitize or encode user input for that parameter. Recommendation This package is not actively maintained, and has...
CVE-2008-6208
Cross-site scripting XSS vulnerability in submitnews.php in e107 CMS 0.7.11 allows remote attackers to inject arbitrary web script or HTML via the 1 authorname, 2 itemtitle, and 3 item parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...
CVE-2008-6208
Cross-site scripting XSS vulnerability in submitnews.php in e107 CMS 0.7.11 allows remote attackers to inject arbitrary web script or HTML via the 1 authorname, 2 itemtitle, and 3 item parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...