Multiple cross-site scripting (XSS) vulnerabilities in admin/controller.php in eSyndiCat Pro 2.3.05 allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to the admins (2) blocks, (3) articles, or (4) suggest-category; or (5) sort parameter to the search page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
esyndicat esyndicat pro 2.3.05 |