CVE-2013-4880
EUVD-2013-472514.08.2013, 13:50
Cross-site scripting (XSS) vulnerability in core/admin/modules/developer/modules/views/add.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| bigtreecms | bigtree_cms | 𝑥 ≤ 4.0 |
| bigtreecms | bigtree_cms | 4.0:b1 |
| bigtreecms | bigtree_cms | 4.0:b2 |
| bigtreecms | bigtree_cms | 4.0:b3 |
| bigtreecms | bigtree_cms | 4.0:b4 |
| bigtreecms | bigtree_cms | 4.0:b5 |
| bigtreecms | bigtree_cms | 4.0:b6 |
| bigtreecms | bigtree_cms | 4.0:b7 |
| bigtreecms | bigtree_cms | 4.0:rc1 |
𝑥
= Vulnerable software versions
References