Cross-site scripting (XSS) vulnerability in search.php in Tunez 1.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchFor parameter.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Tunez | Tunez | 0.1 (including) | 0.1 (including) |
| Tunez | Tunez | 0.2 (including) | 0.2 (including) |
| Tunez | Tunez | 0.3 (including) | 0.3 (including) |
| Tunez | Tunez | 0.4 (including) | 0.4 (including) |
| Tunez | Tunez | 0.5 (including) | 0.5 (including) |
| Tunez | Tunez | 0.5.5 (including) | 0.5.5 (including) |
| Tunez | Tunez | 0.7 (including) | 0.7 (including) |
| Tunez | Tunez | 0.9 (including) | 0.9 (including) |
| Tunez | Tunez | 1.0.0 (including) | 1.0.0 (including) |
| Tunez | Tunez | 1.1 (including) | 1.1 (including) |
| Tunez | Tunez | 1.15 (including) | 1.15 (including) |
| Tunez | Tunez | 1.20 (including) | 1.20 (including) |
| Tunez | Tunez | 1.21 (including) | 1.21 (including) |