Multiple cross-site scripting (XSS) vulnerabilities in PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allow remote malicious users to inject arbitrary web script or HTML via a crafted HTTP request to a (1) ColdFusion or (2) JavaScript component.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
paperthin commonspot content server 8.0.2 |
||
paperthin commonspot content server 8.0.0 |
||
paperthin commonspot content server |
||
paperthin commonspot content server 8.0.1 |
Vulmon