Multiple cross-site scripting (XSS) vulnerabilities in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allow remote malicious users to inject arbitrary web script or HTML via crafted input to ASP pages, as demonstrated using the backurl parameter to sdccommon/verify/asp/n6plugindestructor.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
consona consona live assistance |
||
consona consona dynamic agent - |
||
consona consona subscriber assistance |