Description
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Carsen Klock TextSend 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) error or (2) success parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Affected products
- carsen_klock / textsend1.4 – 1.4
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/5097