Multiple cross-site scripting (XSS) vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge through 2015-04-28 allow remote attackers to inject arbitrary web script or HTML via the (1) adminUserName, (2) pathToMYSQL, (3) databaseStructureFile, or (4) pathToBibutils parameter to install.php or the (5) adminUserName parameter to update.php.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2015-09-28T01:00:00

Updated: 2024-08-06T07:51:27.424Z

Reserved: 2015-09-27T00:00:00

Link: CVE-2015-7383

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2015-09-28T02:59:17.060

Modified: 2024-11-21T02:36:41.637

Link: CVE-2015-7383

cve-icon Redhat

No data.