CVE-2009-1776
22.05.2009, 20:30
Multiple cross-site scripting (XSS) vulnerabilities in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via javascript: URIs in the (1) request and (2) return_link_url parameters.
| Vendor | Product | Version |
|---|---|---|
| matt_wright | formmail | 𝑥 ≤ 1.92 |
𝑥
= Vulnerable software versions
References