Multiple cross-site scripting (XSS) vulnerabilities in the Magnolia Form module 1.x prior to 1.4.7 and 2.x prior to 2.0.2 for Magnolia CMS allow remote malicious users to inject arbitrary web script or HTML via the (1) username, (2) fullname, or (3) email parameter to magnoliaPublic/demo-project/members-area/registration.html.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
magnolia-cms magnolia_form_module 1.4.5 |
||
magnolia-cms magnolia_form_module 1.4.6 |
||
magnolia-cms magnolia_form_module 2.0 |
||
magnolia-cms magnolia_form_module 2.0.1 |
||
magnolia-cms magnolia_form_module 1.4 |
||
magnolia-cms magnolia_form_module 1.4.1 |
||
magnolia-cms magnolia_form_module 1.4.2 |
||
magnolia-cms magnolia_form_module 1.4.3 |
||
magnolia-cms magnolia_form_module 1.4.4 |