CVE-2015-0918
08.01.2015, 15:59
Cross-site scripting (XSS) vulnerability in the administrative backend in Sefrengo before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter to backend/main.php.
Vendor | Product | Version |
---|---|---|
sefrengo | sefrengo | 𝑥 ≤ 1.6.0 |
𝑥
= Vulnerable software versions
References