Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in ClanSphere 2011.4 allows remote attackers to inject arbitrary web script or HTML via the where parameter in a list action to index.php.
References 5 Total
- seclists.org: 20140310 [HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability mailing-list
- https://www.httpcs.com/advisory/httpcs127
- secunia.com: 57306 third-party-advisory
- securityfocus.com: 20140307 [HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability mailing-list
- securityfocus.com: 66058 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- seclists.org: 20140310 [HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability mailing-listx_transferred
- https://www.httpcs.com/advisory/httpcs127 x_transferred
- secunia.com: 57306 third-party-advisoryx_transferred
- securityfocus.com: 20140307 [HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability mailing-listx_transferred
- securityfocus.com: 66058 vdb-entryx_transferred