Cross-site scripting (XSS) vulnerability in SloughFlash SF-Users 1.0, possibly in register.php, allows remote malicious users to inject arbitrary web script or HTML by setting the username field to contain JavaScript in the SRC attribute of an IMG element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sloughflash sf-users 1.0 |