Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 3.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) PWRS or (2) Description field when posting a new vehicle; (3) news title when creating news; (4) Name when creating a sub user; (5) group name when creating a group; or (6) dealer name, (7) first name, or (8) last name when changing a profile.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netartmedia car portal 3.0 |