Cross-site scripting (XSS)... CVE-2013-2209

4.3 AV AC AU C I A
发布: 2013-07-31
修订: 2014-04-19

Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有32条受影响产品信息