Cross-site scripting (XSS) vulnerability in AWFFull prior to 3.7.4, when AllSearchStr (aka the All Search Terms report) is enabled, allows remote malicious users to inject arbitrary web script or HTML via a search string.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
awffull awffull |