CVE-2014-9522

The CVE-2014-9522 entry concerns multiple cross-site scripting (XSS) vulnerabilities in CMS Papoo Light 6.0.0 (Rev 4701). The flaws allow remote attackers to inject arbitrary scripts via (1) the author field to guestbook.php and (2) the username field to account.php. The connected documents confi...