Cross-site scripting (XSS) vulnerability in lib/owl.lib.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the username parameter in a getpasswd action to register.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
owl intranet knowledgebase |
||
owl intranet knowledgebase 0.94 |