Multiple cross-site scripting (XSS) vulnerabilities in OSClass prior to 3.4.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) action or (2) nsextt parameter to oc-admin/index.php or the (3) nsextt parameter in an items_reported action to oc-admin/index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
osclass osclass |
||
osclass osclass 3.4.0 |