CVE-2009-0699
23.02.2009, 15:30
Cross-site scripting (XSS) vulnerability in pagesUTF8/auftrag_allgemeinauftrag.jsp in Plunet BusinessManager 4.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the (1) QUB and (2) Bez74 parameters.
Vendor | Product | Version |
---|---|---|
plunet | business_manager | 𝑥 ≤ 4.1 |
𝑥
= Vulnerable software versions
References