Multiple cross-site scripting (XSS) vulnerabilities in Mavili Guestbook, as released in November 2007, allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) approve.asp, (2) delete.asp, (3) edit.asp, or (4) edit2.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mavili guestbook project mavili guestbook - |