Multiple cross-site scripting (XSS) vulnerabilities in Active Bids allow remote malicious users to inject arbitrary web script or HTML via the (1) search parameter to search.asp and the (2) URL parameter to tellafriend.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
activewebsoftwares active bids |