Cross-site scripting (XSS) vulnerability in the Journal module in Tru-Zone Nuke ET 3.x allows remote malicious users to inject arbitrary web script or HTML via the title parameter in a new entry, as demonstrated by a CSS property in the STYLE attribute of a DIV element, a different vulnerability than CVE-2008-1873.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tru-zone nukeet 3.1 |
||
tru-zone nukeet 3.2 |
||
tru-zone nukeet 3.0 |
||
tru-zone nukeet 3.3 |
||
tru-zone nukeet 3.4 |
||
tru-zone nukeet 3.9 |