Multiple cross-site scripting (XSS) vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge through 2015-04-28 allow remote attackers to inject arbitrary web script or HTML via the (1) adminUserName, (2) pathToMYSQL, (3) databaseStructureFile, or (4) pathToBibutils parameter to install.php or the (5) adminUserName parameter to update.php.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www.kb.cert.org/vuls/id/374092 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2015-09-28T01:00:00
Updated: 2024-08-06T07:51:27.424Z
Reserved: 2015-09-27T00:00:00
Link: CVE-2015-7383
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-09-28T02:59:17.060
Modified: 2024-11-21T02:36:41.637
Link: CVE-2015-7383
Redhat
No data.