Cross-site scripting (XSS) vulnerability in the NS-Languages module for PostNuke 0.761 and previous versions, when magic_quotes_gpc is enabled, allows remote malicious users to inject arbitrary web script or HTML via the language parameter in a missing or translation operation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
postnuke software foundation postnuke |