Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote malicious users to inject arbitrary web script or HTML via the q parameter in a search action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache roller 2.3 |
||
apache roller 3.0 |
||
apache roller 3.1 |
||
apache roller 4.0 |