Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS prior to 0.0.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter in the categories page to gxadmin/index.php or (2) page parameter to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
genixcms genixcms |