Multiple cross-site scripting (XSS) vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sandsurfer | Xperience | 1.6.2 (including) | 1.6.2 (including) |
Sandsurfer | Xperience | 1.6.3 (including) | 1.6.3 (including) |
Sandsurfer | Xperience | 1.6.4 (including) | 1.6.4 (including) |
Sandsurfer | Xperience | 1.6.5 (including) | 1.6.5 (including) |
Sandsurfer | Xperience | 1.7.0 (including) | 1.7.0 (including) |