Sitecore.NET 7.1 up to and including 7.2 has a Cross Site Scripting Vulnerability via the searchStr parameter to the /Search-Results URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sitecore sitecore.net 7.2 |
||
sitecore sitecore.net 7.1 |