CVE-2006-4973

Publication date

2006-09-25 01:00:00

Family

mitre

State

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in Default.aspx in Perpetual Motion Interactive Systems DotNetNuke before 3.3.5, and 4.x before 4.3.5, allows remote attackers to inject arbitrary HTML via the error parameter.