Cross-site scripting (XSS) vulnerability in pagesUTF8/auftrag_allgemeinauftrag.jsp in Plunet BusinessManager 4.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the (1) QUB and (2) Bez74 parameters.
References
Advertisement
Configurations
Information
Published : 2009-02-23 07:30
Updated : 2017-08-16 18:29
NVD link : CVE-2009-0699
Mitre link : CVE-2009-0699
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Advertisement
Products Affected
plunet
- business_manager