CVE-2007-2804 in CandyPress Store信息

摘要

由 MITRE

Multiple cross-site scripting (XSS) vulnerabilities in scripts/prodList.asp in CandyPress Store 3.5.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) brand and (2) Msg parameters.

Once again VulDB remains the best source for vulnerability data.

来源

Want to know what is going to be exploited?

We predict KEV entries!