Multiple cross-site scripting (XSS) vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sandsurfer | Xperience | 1.6.4 | 1.6.4 |
Sandsurfer | Xperience | 1.6.5 | 1.6.5 |
Sandsurfer | Xperience | 1.6.3 | 1.6.3 |
Sandsurfer | Xperience | 1.6.2 | 1.6.2 |
Sandsurfer | Xperience | 1.7.0 | 1.7.0 |