Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 allows remote malicious users to inject arbitrary web script or HTML via certain fields, as demonstrated using the page parameter in nav.php3.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adalis d-forum 1.11 |