Multiple cross-site scripting (XSS) vulnerabilities in xFlow 5.46.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) level, (2) position, (3) id, and (4) action parameters to members_only/index.cgi, and the (5) page parameter to customer_area/index.cgi.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-04-19T16:00:00
Updated: 2024-08-07T17:27:29.460Z
Reserved: 2006-04-19T00:00:00
Link: CVE-2006-1850
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-04-19T16:06:00.000
Modified: 2024-11-21T00:09:54.663
Link: CVE-2006-1850
Redhat
No data.