CVE-2013-1938 – Zimbra - 'aspell.php' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2013-1938

Zimbra 2013 has XSS in aspell.php Zimbra 2013, presenta una vulnerabilidad de tipo XSS en el archivo aspell.php. • https://www.exploit-db.com/exploits/38436 http://www.openwall.com/lists/oss-security/2013/04/09/14 http://www.openwall.com/lists/oss-security/2013/04/09/15 http://www.securityfocus.com/bid/58913 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •