Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote malicious users to inject arbitrary web script or HTML via (1) the q parameter to search.php and (2) the year parameter to calendar.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dcp-portal dcp-portal 5.3.1 |