Cross-site scripting (XSS) vulnerability in show.cfm in e-publish CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) obcatid and (2) comid parameters.
Name | Vendor | Start Version | End Version |
---|---|---|---|
E-publish | E-publish | * | 2.0 (including) |