Cross-site scripting (XSS) vulnerability in the Attunement and Key Tracker 0.95 and previous versions plugin for EQdkp allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly involving the (1) keyshow, (2) sortkey, and (3) show parameters to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eqdkp attunement and key |