Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the bNewWindow parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
paperthin commonspot content server 2.5 |
||
paperthin commonspot content server 3.0 |
||
paperthin commonspot content server |
||
paperthin commonspot content server 3.2 |
||
paperthin commonspot content server 4.0 |