Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clip-bucket clipbucket 2.6 |