2 matches found
CVE-2007-1873
Mephisto 0.7.3 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary script or HTML via the q parameter in the search script. The impact is described as actionable by injecting code, with no vendor fix available according to the security adviso...
Cross site scripting in mephisto 0.7.3
Cross site scripting in mephisto 0.7.3 security advisory References: http://www.mephistoblog.com https://vulners.com/cve/CVE-2007-1873 Description: Cross site scripting describes attacks that allow to insert malicious html or javascript code via get or post forms. This can be used to steal sessio...