Multiple cross-site scripting (XSS) vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) topic and (2) button parameters to ansFAQ.asp and the (3) id and (4) txtEmail parameters to login.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
elinestudio site composer 2.5 |
||
elinestudio site composer |