Multiple cross-site scripting (XSS) vulnerabilities in login.php in Omnistar Interactive OSI Affiliate allow remote attackers to inject arbitrary web script or HTML via the (1) login, (2) profile, (3) profile2, and (4) ref parameters.
References
Configurations
Information
Published : 2008-04-16 10:05
Updated : 2017-08-07 18:30
NVD link : CVE-2008-1850
Mitre link : CVE-2008-1850
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
osiaffiliate
- osiaffiliate