Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field.
References
Link | Resource |
---|---|
http://jvn.jp/en/jp/JVN85804149/index.html | |
http://www.kent-web.com/mail/clipmail.html | Vendor Advisory |
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000067 |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2013-06-28 16:55
Updated : 2013-10-11 10:01
NVD link : CVE-2013-3649
Mitre link : CVE-2013-3649
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
microsoft
- internet_explorer
kent-web
- clip-mail