Cross-site scripting (XSS) vulnerability in include/classes/class.rex_list.inc.php in REDAXO 4.3.x and 4.4 allows remote malicious users to inject arbitrary web script or HTML via the subpage parameter to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redaxo redaxo 4.3 |
||
redaxo redaxo 4.3.2 |
||
redaxo redaxo 4.4 |
||
redaxo redaxo 4.3.1 |
||
redaxo redaxo 4.3.3 |