TaskFreak 0.6.4 Cross Site Scripting

TaskFreak version 0.6.4 suffers from multiple cross site scripting vulnerabilities...

CVE-2011-1062

Multiple cross-site scripting XSS vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote attackers to inject arbitrary web script or HTML via the 1 sContext, 2 sort, 3 dir, and 4 show parameters in a save action to index.php; the 5 dir and 6 show parameters to printlist.php;...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote attackers to inject arbitrary web script or HTML via the 1 sContext, 2 sort, 3 dir, and 4 show parameters in a save action to index.php; the 5 dir and 6 show parameters to printlist.php;...

CVE-2011-1062

Multiple cross-site scripting XSS vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote attackers to inject arbitrary web script or HTML via the 1 sContext, 2 sort, 3 dir, and 4 show parameters in a save action to index.php; the 5 dir and 6 show parameters to printlist.php;...

CVE-2011-1062

TaskFreak! 0.6.4 exposes multiple XSS vulnerabilities in include/html/header.php allowing injection via (1) sContext, (2) sort, (3) dir, (4) show in index.php; (5) dir, (6) show in print_list.php; and (7) Referer header to rss.php. No remediation details are provided in the supplied documents; no...