Cross-site scripting vulnerability in analog prior to 5.22 allows remote malicious users to execute Javascript via an HTTP request containing the script, which is entered into a web logfile and not properly filtered by analog during display.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
stephen turner analog 4.16 |
||
stephen turner analog 4.90_beta2 |
||
stephen turner analog 4.90_beta3 |
||
stephen turner analog 4.90_beta4 |
||
stephen turner analog 4.01 |
||
stephen turner analog 4.02 |
||
stephen turner analog 4.03 |
||
stephen turner analog 4.04 |
||
stephen turner analog 5.1a |
||
stephen turner analog 5.2 |
||
stephen turner analog 3.90_beta1 |
||
stephen turner analog 4.11 |
||
stephen turner analog 4.15 |
||
stephen turner analog 4.91_beta1 |
||
stephen turner analog 5.01 |
||
stephen turner analog 5.03 |
||
stephen turner analog 3.90_beta2 |
||
stephen turner analog 4.1 |
||
stephen turner analog 4.14 |
||
stephen turner analog 5.0 |
||
stephen turner analog 5.02 |