CVE-2011-5040 in Biznis Heroj
要約
〜によって MITRE
Multiple cross-site scripting (XSS) vulnerabilities in Infoproject Biznis Heroj allow remote attackers to inject arbitrary web script or HTML via the config parameter to (1) nalozi_naslov.php and (2) widget.dokumenti_lista.php.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.