Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid function in templates/jscript/jstrack.tpl in LiveZilla 3.2.0.2 allows remote malicious users to inject arbitrary web script or HTML via the livezilla parameter in a track action to server.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
livezilla livezilla 3.2.0.2 |