Cross-site scripting (XSS) vulnerability in Sitecore CMS prior to 7.0 Update-4 (rev. 140120) allows remote malicious users to inject arbitrary web script or HTML via the xmlcontrol parameter to the default URI. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sitecore cms |