Page 2 of 6 results (0.025 seconds)
CVSS: 4.3EPSS: 0%CPEs: 22EXPL: 1
CVE-2013-6808
https://notcve.org/view.php?id=CVE-2013-6808
Cross-site scripting (XSS) vulnerability in lib/NSSDropoff.php in ZendTo before 4.11-13 allows remote attackers to inject arbitrary web script or HTML via a modified emailAddr field to pickup.php. Cross-site scripting (XSS) en lib / NSSDropoff.php en ZendTo anterior a 4,11-13, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un campo emailAddr modificado en pickup.php. • http://www.zend.to/changelog.php https://www.packetlabs.net/cve-2013-6808 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •