Cross-site scripting (XSS) vulnerability in phpgwapi/inc/common_functions_inc.php in eGroupware prior to 1.8.004.20120405 allows remote malicious users to inject arbitrary web script or HTML via the menuaction parameter to etemplate/process_exec.php. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
egroupware egroupware |