EUVD-2018-13276

Malware in sbrugna...

Cross site scripting

A stored cross site scripting XSS vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via User-Chat.php...

CVE-2018-20731

A stored cross site scripting XSS vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via User-Chat.php...

CVE-2018-20731

CVE-2018-20731 is a stored XSS vulnerability in NeDi prior to 1.7Cp3, exploitable via User-Chat.php. Public records in NVD/NVD-derived feeds describe that remote attackers can inject arbitrary web script or HTML. The connected feeds confirm NeDi versions affected up to at least 1.7Cp3 and referen...