Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin prior to 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 up to and including 4.2.9 and 4.3.0 up to and including 4.3.3, allows remote malicious users to inject arbitrary web script or HTML via the get-data parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
blair williams pretty link lite 1.6.0 |
||
blair williams pretty link lite 1.6.1 |
||
blair williams pretty link lite |
||
joobi com jnews 8.0.1 |
||
civicrm civicrm 4.3.1 |
||
civicrm civicrm 3.1.1 |
||
civicrm civicrm 3.1.2 |
||
civicrm civicrm 3.2.2 |
||
civicrm civicrm 3.2.3 |
||
civicrm civicrm 3.3.6 |
||
civicrm civicrm 3.4.0 |
||
civicrm civicrm 4.1.5 |
||
civicrm civicrm 4.1.6 |
||
civicrm civicrm 4.2.7 |
||
civicrm civicrm 4.2.8 |
||
civicrm civicrm 4.3.3 |
||
civicrm civicrm 3.1.0 |
||
civicrm civicrm 3.2.0 |
||
civicrm civicrm 3.2.1 |
||
civicrm civicrm 3.3.3 |
||
civicrm civicrm 3.3.5 |
||
civicrm civicrm 4.1.3 |
||
civicrm civicrm 4.1.4 |
||
civicrm civicrm 4.2.5 |
||
civicrm civicrm 4.2.6 |
||
civicrm civicrm 4.3.2 |
||
civicrm civicrm 3.1.5 |
||
civicrm civicrm 3.1.6 |
||
civicrm civicrm 3.3.0 |
||
civicrm civicrm 3.3.1 |
||
civicrm civicrm 3.3.2 |
||
civicrm civicrm 4.1.1 |
||
civicrm civicrm 4.1.2 |
||
civicrm civicrm 4.2.2 |
||
civicrm civicrm 4.2.4 |
||
civicrm civicrm 4.3.0 |
||
civicrm civicrm 3.1.3 |
||
civicrm civicrm 3.1.4 |
||
civicrm civicrm 3.2.4 |
||
civicrm civicrm 3.2.5 |
||
civicrm civicrm 4.0.5 |
||
civicrm civicrm 4.1.0 |
||
civicrm civicrm 4.2.0 |
||
civicrm civicrm 4.2.1 |
||
civicrm civicrm 4.2.9 |