Cross-site scripting (XSS) vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote malicious users to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
postnuke software foundation postnuke 0.726 |