Cross-site scripting vulnerability in Slash prior to 2.2.5, as used in Slashcode and elsewhere, allows remote malicious users to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
open source development network slashcode 2.1 |
||
open source development network slashcode 2.1.1 |
||
open source development network slashcode 2.0 |
||
open source development network slashcode 2.2.2 |
||
open source development network slashcode 2.2.3 |
||
open source development network slashcode 2.2.4 |
||
open source development network slashcode |
||
open source development network slashcode 2.2 |
||
open source development network slashcode 2.2.1 |