Description
Cross-site scripting (XSS) vulnerability in CGI RESCUE Trees before 2.11 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
Affected products
- cgi_rescue / rescuecgi_rescue_trees
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/35123
- MISChttp://jvn.jp/en/jp/JVN28521500/index.html
- MISChttp://www.securityfocus.com/bid/34999
- MISChttp://osvdb.org/54545
- MISChttp://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20090512155247
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/50579
- MISChttp://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000028.html