Security Advisory

CVE-2015-1373

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-01-27 17:00:00

Last updated 2024-09-17 00:42:11

Assigner mitre

State PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in admin.php in ferretCMS 1.0.4-alpha allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter in a search request, (2) username in a login request, which is not properly handled when logging the event, or (3) page title in an insert action.

← Browse all CVEs View on cve.org ↗