Cross-site scripting (XSS) vulnerability in Ektron Content Management System (CMS) before 9.1.0.184 SP3 (9.1.0.184.3.127) allows remote attackers to inject arbitrary web script or HTML via the ContType parameter in a ViewContentByCategory action to WorkArea/content.aspx.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NEktron Content Management System
APPEktron≤ 9.10
Powiązane podatności
Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript s...
The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XS...
Cross-site scripting (XSS) vulnerability in Ektron Content Management System before 9.1.0.184SP3(9.1.0.184.3.1...
Cross-site request forgery (CSRF) vulnerability in Test/WorkArea/DmsMenu/menuActions/MenuActions.aspx in Ektro...
The ContentBlockEx method in Workarea/ServerControlWS.asmx in Ektron Content Management System (CMS) 8.5 and 8...