Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) dir, (2) item, (3) order, (4) searchitem, (5) selitems[], or (6) srt parameter to index.php or (7) the QUERY_STRING to index.php.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-01-02T20:18:34

Updated: 2024-08-06T15:13:31.699Z

Reserved: 2013-02-10T00:00:00

Link: CVE-2013-1642

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-01-02T21:15:12.717

Modified: 2024-11-21T01:50:03.737

Link: CVE-2013-1642

cve-icon Redhat

No data.