CVE-2009-0699 (business_manager) [Sitemap] - HeapOverflow Computer Security Community & Forums : Heap Overflow.com
PDA

View Full Version : CVE-2009-0699 (business_manager)

Heap
25-02-09, 02:46
Cross-site scripting (XSS) vulnerability in pagesUTF8/auftrag_allgemeinauftrag.jsp in Plunet BusinessManager 4.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the (1) QUB and (2) Bez74 parameters.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0699)