Multiple cross-site scripting (XSS) vulnerabilities in mod.php in eNdonesia 8.3 allow remote malicious users to inject arbitrary web script or HTML via (1) the mod parameter in a viewcat operation or (2) the query parameter in a search operation in the publisher module.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
endonesia endonesia 8.3 |