Security Advisory
CVE-2013-6163
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Multiple cross-site scripting (XSS) vulnerabilities in ProjeQtOr (formerly ProjectOr RIA) before 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) type parameter to view/parameter.php, (2) p1value parameter to view/main.php, or (3) objectClass parameter to view/objectDetail.php.