Multiple cross-site scripting (XSS) vulnerabilities in Online Work Order Suite (OWOS) Lite Edition 3.10 allow remote malicious users to inject arbitrary web script or HTML via the show parameter to (1) default.asp and (2) report.asp, and the (3) go parameter to login.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
onlinetechtools.com owos lite 3.10 |