Multiple cross-site scripting (XSS) vulnerabilities in the AkoBook 3.42 and previous versions component (com_akobook) for Mambo allow remote malicious users to inject arbitrary web script or HTML via Javascript events in the (1) gbmail and (2) gbpage parameters in the sign function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mambo mambo site server |
||
joomla akobook 3.42 |